Privacy Policy
Not Too Tame Theatre – nottootametheatre.com
1. Introduction
At Not Too Tame Theatre (“we”, “our”, or “us”), your privacy is of paramount importance. We are committed to safeguarding the personal information of our users and ensuring compliance with all applicable data protection laws and regulations, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of your personal data while using our website, nottootametheatre.com.
2. Scope of This Policy and Data Controller Role
This policy applies to all users of nottootametheatre.com and any services accessible through the website. Not Too Tame Theatre is the data controller responsible for determining the purposes and manner in which your personal data is processed.
If you are accessing the website from jurisdictions outside of the United Kingdom or European Economic Area (EEA), similar protections and rights may apply under local laws.
3. Categories of Data We Process
We collect and process the following categories of personal data:
a. Usage Data
Including information such as browser type, IP address, time zone, access dates and times, device identifiers, session duration, user interactions, and referral URLs.
b. Account Data
Including your full name, postal address, email address, phone number, and any account credentials you provide when registering on nottootametheatre.com.
c. Profile Data
Including interests, purchase history, ticket bookings, preferences, and behavioral activity on our website.
d. Communication Data
Including the content and metadata of correspondence exchanged with us, such as customer support requests and contact form submissions.
e. Technical Data
Including device information (operating system, hardware specifications, browser details), error logs, and system configuration settings used during your interaction with the website.
f. Transaction Data
Including payment method details, billing address, shipping address, ticket or product confirmations, receipts, and order IDs.
g. Preference Data
Including your chosen communication preferences, marketing consents, newsletter subscriptions, and product or event interests.
4. Legal Bases for Processing
We rely upon the following lawful grounds for processing your personal data:
– Performance of a Contract: To process ticket purchases, fulfill service commitments, and manage user accounts.
– Consent: For sending marketing communications, placing non-essential cookies, and storing optional preferences.
– Legitimate Interest: To improve our website, prevent fraud, and administer general business operations, provided such interests do not override your rights.
– Legal Obligation: In compliance with applicable statutory and regulatory requirements.
5. Your Rights
Subject to applicable laws, you have the following rights:
– Right of Access: Request confirmation and access to your personal data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data under certain conditions.
– Right to Restrict Processing: Request limited use of your personal data in specific cases.
– Right to Data Portability: Request transfer of your personal data to another controller.
– Right to Object: Object to the processing of your personal data based on legitimate interests or direct marketing.
– Right Not to Be Subject to Automated Decision-Making: We do not engage in automated decision-making with significant legal effects.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement comprehensive technical and organizational security measures to protect your data, including:
– End-to-end encryption of sensitive information during transfer.
– Role-based access controls and user authentication protocols.
– Regular secure data backups and redundancy safeguards.
– Continuous staff data privacy training and access policies.
While we strive for the highest level of data protection, no method of electronic transmission or storage is completely secure. We therefore cannot guarantee absolute security.
7. International Data Transfers
Personal data may be transferred to and processed in countries outside of your jurisdiction, including countries that may not be deemed to provide the same level of data protection. Where applicable, such transfers are conducted using:
– Standard Contractual Clauses approved by the European Commission.
– Other recognized and lawful mechanisms to ensure adequate protection.
8. Data Retention
We retain your personal data according to the following guidelines:
– Usage, Technical, and Preference Data: Retained for up to 2 years for analytic and optimization purposes.
– Account and Profile Data: Retained for the duration of your account and up to 6 years after account closure.
– Transaction Data: Retained for a period required to meet legal, accounting, and tax obligations (typically 6–7 years).
– Communication Data: Retained for up to 3 years to ensure service quality and support.
Data may be retained longer when required by legal obligations or in connection with litigation or dispute resolution.
9. Cookie Policy
We use cookies to enhance your experience on nottootametheatre.com. Cookies are small files stored on your device to improve functionality and collect analytical data.
We categorize cookies as follows:
a. Essential Cookies
Necessary for website functionality, including page navigation, session control, and security authentication.
b. Functional Cookies
Used to remember your choices and settings (e.g., language preference or region).
c. Analytics Cookies
Help us measure website performance, user behavior, and improve functionality based on visitor insights.
d. Performance Cookies
Used to enhance the speed and responsiveness of our website and applications, often working with third-party service providers.
10. Cookie Management and Legal Compliance
You can manage your cookie preferences through:
– The consent banner at first visit to nottootametheatre.com.
– Browser settings to accept, block, or delete cookies.
– Use of recognized opt-out tools (e.g., http://www.aboutads.info/choices for US users).
In compliance with GDPR and CCPA, we obtain explicit consent for non-essential cookies, offer opt-out mechanisms, and do not sell personal information as defined under applicable data protection laws.
California residents may also exercise specific rights under the CCPA by contacting us using the details in Section 13.
11. Children’s Privacy
Our website is not directed to children under the age of 13, and we do not knowingly collect or process information from such individuals. If you believe that a child has provided us with personal data in error, please contact us immediately at [email protected] so we can delete the information.
12. Policy Updates and Notification
We reserve the right to make changes to this Privacy Policy at any time. Substantive changes will be communicated via a prominent notice on nottootametheatre.com. We encourage you to refer back to this policy regularly to stay informed about how your information is protected.
13. Contact Us
If you have any questions, concerns, or complaints relating to the processing of your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
Website: https://nottootametheatre.com
We are committed to maintaining a privacy-first digital experience for all visitors. If you believe your data protection rights have been infringed, you also have the right to lodge a complaint with your relevant supervisory authority.