Data protection and Privacy Policy

Metronomes collect and process personal information in order to help us provide our services and meet our charitable objectives. We are required by law to have a policy covering data, including privacy: General Data Protection Regulation (GDPR).

Metronomes data controller is Marva Spencer, our Head of Administration.

Please be reassured that you can have data deleted, corrected or updated. This is done through a Subject Access Request (see below).

Metronomes commitment to accessibility

In line with our commitment to accessibility, our data protection & privacy policy can be made available in Braille, audio, or large prints. Some elements are difficult to make available in an easy read format, but we are happy to talk through the policy if this is helpful.

Making a Subject Access Request

You have the right to make a Subject Access Request and see personal data Metronomes holds on you, have it amended (ie. corrected or updated) or deleted.

We will resolve any issues you have within the GDPR required one-month timescale, free of charge.

Please contact us if you wish to make a Subject Access Request by either speaking to Marva in the panyard or by contacting info@metronomes.org.uk or phone 07774 216746.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are not satisfied with Metronomes service:

Web address:

https://ico.org.uk/make-a-complaint/

Helpline:

0303 123 1113

Our full policy

Our data protection & privacy policy covers the use of Metronomes and all other services that Metronomes provides, along with its role as a contractor of services from others. The use of this website and all our services is conditional on accepting Metronomes data protection & privacy policy.

Any changes to our policy will be published on this page, along with details of substantial changes made available through Metronomes Facebook account and email newsletters.

Metronomes data controller (Marva Spencer) is responsible for ensuring that our use of personal data meets the General Data Protection Regulation (GDPR) requirements. All of Metronomes tutors and other workers, trustees and volunteers have received training that is relevant to their role.

We believe our data & privacy policy is compliant with the GDPR.

If you have any questions or comments for Metronomes, please send an email to info@metronomes.org.uk.

What data do we collect and how do we use it?

Metronomes collect and process information in order to:

  • To deliver our services in line with our charitable objectives
  • Meet its obligations to its trustees, tutors, other workers, and volunteers and organisations and individuals from whom it obtains goods and services and works with
  • Satisfy the needs of funders/prospective funders and other partners
  • Market our services to people ie. send information about existing and new services
  • Customise peoples experience, for example, provide information that we think is relevant to them ie. to specific London Boroughs
  • Monitor and evaluate our services
  • Satisfy our equality and diversity and other policies
  • Identify people each time you visit our website (see Cookie & other website data below)
  • Take payments for services

Metronomes organise personal data so that it can be accessed quickly by the relevant people.

You may be asked, either when you register with us, or at other times, for information about yourself, such as your name, email address, postal address and telephone number.

When you order certain services, we will need to know your payment details ie. credit/payment card number and expiration date. You are under no obligation to provide this information, but if you don’t then we may not be able to provide you with certain services.

Personal data will be obtained only for one or more specified and lawful purpose and will not be further processed in any manner incompatible with that purpose. It will be adequate, relevant and not excessive in relation to the purpose or purposes for which it is being processed. It is accurate and will be kept up-to-date.

No personal information is kept unnecessarily, and it is destroyed once no longer being actively used.

With whom is the information shared?

Metronomes will not share, sell or rent your personal information to third parties. However, we may disclose your personal information to third-party suppliers who provide services on our behalf. Metronomes may disclose aggregate statistics about our website visitors and people receiving our services to our funders/prospective funders, prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics will not include personally-identifying information.

Metronomes may disclose personal information if required to do so by law or if it believes that such action is necessary to protect and defend the rights, property or personal safety of Metronome’s people any people with whom we work or serve, visitors to the website and users of any of our services.

Metronomes websites contain external links. When you visit these sites, we suggest that you read their privacy policies if you have any concerns. Metronomes is not responsible for the privacy policies or the content of external websites.

Our primary web hosts are WordPress, which we believe to be  GDPR compliant. We believe all the other agencies we use to provide online service are GDPR compliant.

We use a number of plugins available through WordPress.com to run our website. We believe they are all GDPR compliant.

If you have any concerns about the information we may share send us an email: info@metronomes.org.uk

Cookies and other website data tracking

Metronomes websites uses cookies. They are pieces of information that a website transfers to your hard drive to store and sometimes track information about you. Most web browsers automatically accept cookies, but if you prefer, you can change your browser to prevent that. However, you may not be able to fully use a website if you do so.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org.uk

When you visit one of Metronomes websites it automatically logs your IP address (the unique address which identifies your computer on the internet) which is automatically recognised by our web server. We use IP addresses to help us administer our site and to collect broad demographic information for aggregate use. We do not link IP addresses to personally identifiable information.

Metronomes websites may automatically collect non-personal information about you such as the type of internet browsers you use. You cannot be identified from this information and it is only used to assist us in providing an effective service on our site.

WordPress collects some information like what websites link to Metronomes websites, the numbers of people visiting the site and what countries they are from.

Metronomes don’t currently use Google Analytics.

Social media

Metronomes have accounts with Instagram, Facebook, Twitter, Soundcloud and YouTube. We believe they are all GDPR compliant. If you have any concerns, please read their privacy policies, and/or send us an email: info@metronomes.org.uk

Email newsletters

Metronomes have a variety of email newsletters. We use double opt-in: after you fill out the form to subscribe to our newsletters you receive an email to confirm you wish to subscribe.

You can unsubscribe at any time and change any preference that is set.

The third-party services we use to run the newsletters we believe are GDPR compliant. See their privacy policies on their websites if you have any concerns, and/or send us an email: info@metronomes.org.uk.

Security

Metronomes place great importance on the security of all information associated with our service users. We have security measures in place to attempt to protect against the loss, misuse and alteration of customer data under our control. This includes robust anti-virus and anti-hacking software. Relevant policies and procedures are periodically reviewed and enhanced as necessary and only authorised personnel have access to user information.

With regard to our websites, we use secure server software (SSL) to encrypt information you input. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we use our best efforts to prevent this. We believe all the third parties we use to run our websites are GDPR compliant.

Where is the information stored?

Paper-based materials like the register at steelpan lessons, along with any other forms we ask you complete are kept securely at a location within the UK.

Electronic data is also stored securely in the UK.. The charity’s data backed-up to outside the office is secure and fully GDRP compliant.

Information submitted by you may be transferred by us to reputable third-party suppliers situated outside the European Economic Area (EEA) ie. WordPress used for our websites.

We believe all our third-party suppliers outside the EEA have GDPR compliant policies.

Data breaches

If we believe your personal data may have been breached, we will contact you at the earliest possible time with details of actions we intend to take and any actions you should take ie. changing passwords. The Information Commissioner’s Office will be informed within 72 hours.

Document status: First published 14 December 2019. Last updated 6 January 2020. To be reviewed annually by the trustees, or before if affected by a change in Metronomes work.

Marva Spencer

Marva Spencer

Head of Admin