- HOW WE COLLECT YOUR INFORMATIONWe collect your personal information when you interact with us or use our services, such as when you use the Website. We also look at how visitors use the Website, to help us improve our services.We collect information:
• when you create an account with us or you change your account settings;
• when you contact us directly via email; and
• when you browse and use the Website (after you create an account with us).
- INFORMATION WE COLLECT FROM YOUAs part of our commitment to the privacy of visitors to the Website more generally, we want to be clear about the sorts of information we will collect from you.
When you access the Website, you may be asked to provide information about yourself including your name, phone number and email address.
We may also collect information about your usage of the Website and information about you when you contact us or provide us with feedback.
- USE OF YOUR INFORMATIONWe will only process the data we collect about you if there is a reason for doing so, and if that reason is permitted under data protection law. We will have a lawful basis for processing your information: if we need to process your information in order to provide you with the service you have requested or to enter into a contract; we have your consent; we have a justifiable reason for processing your data; or we are under a legal obligation to do so.Where we need to you use information in order to provide you with use of our services, we use your information:• to allow you to use the features in the website content and to process your registration.
• If you give us permission, we will send you news and promotional material about The Church. You can change your mind about this at any time and ask us not to process your personal data for direct marketing purposes, including profiling related to direct marketing. This policy also explains when we process personal data for our legitimate interests. You can ask us to stop processing this data.
• We disclose personal data when you agree that we can share data with business partners or other companies.
• Where we are under a legal obligation to do so we may use your information to comply with any legal obligation or regulatory requirement to which we are subject.
- AUTOMATED DECISION MAKINGWhere we believe we may detect fraudulent activity we may block you from placing an order and using the Website.
- RETENTION OF YOUR INFORMATIONWe will not retain your information for any longer than we think is necessary.When determining the relevant retention periods, we will take into account factors including:• our contractual obligations and rights in relation to the information involved;
• legal obligation(s) under applicable law to retain data for a certain period of time;
• statute of limitations under applicable law(s)
• our legitimate interests where we have carried out balancing tests (see section on ‘How we use your personal information’ above);
• (potential) disputes; and
• guidelines issued by relevant data protection authorities.Otherwise, we securely erase your information where we no longer require your information for the purposes collected.
- DISCLOSURE OF YOUR INFORMATIONSubject to the other terms of this policy, we may share your personal data with the following:• Group companies: We may share your personal data with our affiliated or group companies worldwide for the purposes listed above. Where you give your permission via the registration process, we will also share your personal data with other The Church affiliates for them to use for direct marketing.
• Artists: Where you have consented to direct marketing, we may also share your personal data with those artists (and their management companies) that you have expressed an interest in, who may then use your data to keep you updated with information about them.
• Other third parties: We may transfer or assign personal data to third parties in connection with the sale, merger, consolidation, change in control, transfer of substantial assets, reorganisation or liquidation of The Church, or any part of it. We may share with others, at our discretion, certain aggregate statistical data about purchases and the use of our content, which data may include demographic data such as the age range and/or geographic location of groups of users. No personal data (such as names or email addresses) will be identifiable from such statistics.
• In special circumstances: We may disclose personal data in special cases when we have reason to believe that disclosing this data is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference (either intentionally or unintentionally) with the rights or property of those described above in paragraph (a) or (b). Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.
- INTERNATIONAL TRANSFERThe data that we collect may be transferred to, and stored at, a destination within the United States or some other country outside the European Economic Area (“EEA“). For instance, if any of our, or any of our EEA-based service providers’, servers from time to time are located outside the EEA; if one of our service providers or suppliers is themselves located in a country outside the EEA; or if we share your data (in accordance with the ‘How we share your data’ section above).Where information is transferred outside the EEA, and where this is to a stakeholder or vendor in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission-approved standard contractual clauses, an appropriate Privacy Shield certification, or a vendor’s Processor Binding Corporate Rules.
- SECURITYWe adopt robust technologies and policies to ensure the personal information we hold about you is suitably protected.
We take steps to protect your information from unauthorised access and against unlawful processing, accidental loss, destruction and damage.
Where you have chosen a password that allows you to access certain parts of the Website, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.Unfortunately, the transmission of information via the internet is not completely secure. Although we will take steps to protect your information, we cannot guarantee the security of your data transmitted to the Sites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
- YOUR RIGHTS
Under data protection law, you may have a number of rights concerning the data we hold about you. If you wish to exercise any of these rights, please contact us using the contact details set out above. For additional information on your rights please contact your data protection authority and see below.
The right to be informed.
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.
The right of access.
You have the right to obtain access to your information (if we’re processing it). This will enable you, for example, to check that we’re using your information in accordance with data protection law. If you wish to access the information we hold about you in this way, please contact us.
The right to rectification.
You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in information that we hold by contacting us.
The right to erasure.
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of certain of the information that we hold about you by contacting us.
The right to restrict processing.
You have rights to ‘block’ or ‘suppress’ further use of your information. When processing is restricted, we can still store your information, but will not use it further.
The right to data portability.
You have the right to obtain your personal information in an accessible and transferable format so that you can re-use it for your own purposes across different service providers. This is not a general right however and there are exceptions. To learn more please get in touch.
The right to lodge a complaint.
You have the right to lodge a complaint about the way we handle or process your information with the national data protection authority.
The right to withdraw consent.
If you have given your consent to anything we do with your information (i.e. we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time. You can do this by contacting us. Withdrawing consent will not however make unlawful our use of your information while consent had been apparent.
The right to object to processing.
You have the right to object to certain types of processing, including processing for direct marketing and profiling. You can object by changing your marketing preferences, disabling cookies as set out above or by getting in touch.
If you are not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone number: 0303 123 1113