Privacy Policy of Not Too Tame Theatre

Not Too Tame Theatre (“we,” “us,” or “our”) is committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines the data handling practices of our website, nottootametheatre.com, and details how we collect, use, disclose, and safeguard your information in accordance with applicable data protection regulations, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

1. Commitment to Privacy and Data Protection

We uphold your rights as a digital citizen and place a high priority on your privacy. We collect and process personal information responsibly, transparently, and only where necessary to fulfil lawful purposes. Our data practices are designed to protect the fundamental right to privacy with strong data governance, access controls, and legal safeguards.

2. Scope of Policy and Data Controller Role

This Privacy Policy governs the use of personal data collected through our website at nottootametheatre.com. In accordance with GDPR, Not Too Tame Theatre is the Data Controller responsible for the collection, processing, and storage of your personal information. For data protection or privacy-related concerns, you may contact us at [email protected].

This policy applies to users and visitors of our website, as well as customers who purchase tickets, register for our services, or engage with us via contact forms or email.

3. Categories of Data Processed

We may collect and process the following categories of personal data:

– Usage Data: Includes information about how you use our website, such as your IP address, browser type, operating system, pages visited, referring URLs, date/time stamps, and session duration.

– Account Data: If you create an account with us or make purchases, we may collect your full name, postal address, email address, and phone number.

– Profile Data: Includes information derived from your use of our services, such as your preferences, interests, previous attendance or purchases, and behavioral interactions with website features.

– Communication Data: Includes records of your interactions with us via contact forms, email, and customer service communications.

– Technical Data: Comprises device-specific data, such as device type, version, screen resolution, language preferences, and system configurations.

– Transaction Data: Includes information related to purchases made on our website, such as order history, billing information, payment method (note: full card details are processed via secure third-party gateways and never stored on our servers), and delivery details.

– Preference Data: Involves information about your marketing preferences, event interests, newsletter subscriptions, and cookie consent choices.

4. Legal Bases for Processing

We rely on the following legal bases under GDPR to collect and process your personal data:

– Consent: Where you have provided explicit permission for us to use your data for defined purposes, such as subscribing to our newsletter or accepting non-essential cookies.

– Contractual Necessity: To fulfill our contractual obligations with you, such as processing ticket purchases and delivering related services.

– Legitimate Interests: To support our operational and performance interests, such as improving website functionality, responding to inquiries, and optimizing user experience, provided these interests are not overridden by your data rights.

– Legal Compliance: Where processing is required to comply with legal obligations or lawful government requests.

For CCPA purposes, we do not sell your personal information. We only use your information as detailed in this policy.

5. Your Rights

Subject to applicable laws, you have the following rights regarding your personal data:

– Right to Access: You may request a copy of the personal data we hold about you.

– Right to Rectification: You have the right to correct inaccurate or incomplete data.

– Right to Erasure: You may request the deletion of your personal data where there is no lawful reason for its continued processing.

– Right to Restriction: You can request that we limit how we process your data under certain conditions.

– Right to Data Portability: You may request your data in a structured, commonly used, machine-readable format for transmission to another controller.

To exercise any of these rights or to inquire further, please email [email protected].

6. Security Measures

We employ robust technical and organizational security measures to protect your data from unauthorized access, use, alteration, and disclosure. These include, but are not limited to:

– Encryption of data at rest and in transit
– Role-based access controls and authentication mechanisms
– Regular system and software updates
– Secure backups and disaster recovery plans
– Staff training in data privacy and cybersecurity

7. International Transfers

Where your data is processed or stored outside your jurisdiction, we ensure adequate protection by implementing Standard Contractual Clauses as adopted by the European Commission and by adhering to requirements of relevant supervisory authorities. Your data will only be transferred to countries offering an appropriate level of data protection, in compliance with GDPR and CCPA conditions.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

– Usage Data: retained up to 12 months for analytics and diagnostic purposes
– Account Data: retained for the duration of your account and up to 6 years thereafter for tax and legal obligations
– Communication Data: retained for up to 3 years after last contact
– Transaction Data: retained for up to 7 years in accordance with financial record-keeping requirements
– Marketing and Preference Data: retained until you withdraw consent or unsubscribe from communications

All data will be securely deleted or anonymized upon the expiry of the applicable retention periods.

9. Cookie Policy

We use cookies and other tracking technologies on nottootametheatre.com to enhance your browsing experience, analyze website traffic, and provide personalized services. The cookies we use fall into the following categories:

– Essential Cookies: Enable core website functionality, including secure navigation and access to ticketing or login areas.
– Functional Cookies: Remember your preferences, such as language settings and user interface customizations.
– Performance Cookies: Collect anonymized data on how users interact with the site to improve usability and content relevance.
– Analytics Cookies: We use tools such as Google Analytics to gather insights into user behavior.

10. Cookie Management and Compliance

Upon your first visit, you will be presented with a cookie banner that allows you to accept or configure your cookie preferences in accordance with GDPR and CCPA regulations.

You may also manage or disable cookies at any time through your browser settings. Please note that disabling essential cookies may impair website functionality.

11. Children’s Privacy

Our website and services are not intended for use by children under the age of 13. We do not knowingly collect or solicit personal data from minors. If we discover that we have inadvertently collected data from a child under 13, we will delete it promptly in accordance with applicable laws.

Parents or guardians who believe that their child has submitted personal data may contact us at [email protected] to request deletion.

12. Policy Updates and Notifications

We reserve the right to amend this Privacy Policy when necessary to reflect legal obligations or changes in our data practices. Where significant updates occur, we will provide prominent notification on nottootametheatre.com and, where applicable, communicate directly via email.

13. Contact

If you have any questions, concerns, or wish to exercise your data protection rights, please contact:

Not Too Tame Theatre
Email: [email protected]
Website: nottootametheatre.com

We are committed to full compliance with applicable data protection laws and to resolving any privacy issues fairly and promptly. Thank you for trusting Not Too Tame Theatre with your personal information.