Vogrie Pogrie Festival UK GDPR Policy

1. Introduction

Vogrie Pogrie Festival is committed to protecting the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy outlines our approach to data protection and our commitment to ensuring compliance with GDPR requirements.

2. Scope

This policy applies to all personal data collected, processed, and stored by Vogrie Pogrie Festival, including data collected through our website, social media platforms, ticketing systems, and any other means of data collection.

3. Data Collection and Processing

We collect and process personal data for the following purposes:

  • Managing ticket sales and event registrations through Ticket Tailor.

  • Sending promotional emails and newsletters through MailerLite.

  • Managing website content and online transactions through Squarespace.

  • Communicating with customers and stakeholders through Gmail and Google Drive.

  • Advertising and engaging with our audience on Instagram, Facebook, and Twitter.

4. Lawfulness of Processing

We will only collect and process personal data where we have a lawful basis to do so, which may include:

  • The data subject has given consent to the processing of their personal data for one or more specific purposes.

  • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

  • Processing is necessary for compliance with a legal obligation to which Vogrie Pogrie Festival is subject.

5. Data Security

We have implemented appropriate technical and organizational measures to ensure the security of personal data and to prevent unauthorized access, disclosure, alteration, or destruction of data.

6. Data Retention

We will only retain personal data for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements.

7. Data Subject Rights

Data subjects have the following rights under GDPR:

  • Right to access: Data subjects have the right to request access to their personal data and information about how it is being processed.

  • Right to rectification: Data subjects have the right to request correction of inaccurate or incomplete personal data.

  • Right to erasure: Data subjects have the right to request the deletion of their personal data under certain circumstances.

  • Right to object: Data subjects have the right to object to the processing of their personal data in certain situations.

8. Third-Party Services

We may use third-party services and platforms to collect, process, and store personal data. We will ensure that any third parties involved in the processing of personal data comply with GDPR requirements and provide sufficient guarantees regarding the security and confidentiality of data.

9. Data Breach Notification

In the event of a data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the appropriate supervisory authority and affected data subjects without undue delay.

10. Training and Awareness

We will provide training and raise awareness among staff members about data protection requirements and their responsibilities under GDPR.

11. Review and Update

This policy will be reviewed and updated regularly to ensure continued compliance with GDPR and any changes in data protection laws and regulations.

12. Contact Information

If you have any questions or concerns about our data protection practices or this policy, please contact us at [contact email/phone number].

Conclusion

Vogrie Pogrie Festival is committed to protecting the privacy and security of personal data and will continue to ensure compliance with GDPR requirements in all aspects of our operations.