Privacy Policy for Ten in a Bed Theatre
1. Introduction
At Ten in a Bed Theatre, accessible via teninabedtheatre.com, we are committed to respecting and protecting your privacy. This Privacy Policy outlines our practices regarding the collection, use, storage, and protection of your personal information in accordance with applicable privacy laws, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We adhere to the principle that your data belongs to you, and we are committed to processing it in a transparent, lawful, and fair manner.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who interact with the services provided through teninabedtheatre.com (the “Website”). For the purposes of data protection laws, Ten in a Bed Theatre is the data controller of your personal information. As a data controller, we determine the purposes and means by which your personal information is processed.
Should you have questions regarding the processing of your personal data, you may contact us at [email protected].
3. Categories of Data We Collect and Process
We may collect and process the following categories of personal data, which may vary depending on your interaction with the Website:
a. Usage Data:
Information about your interactions with our Website, including your IP address, browser type, device identifiers, date and time of access, referring URLs, and pages viewed.
b. Account Data:
Information provided when you create an account, such as your name, email address, telephone number, postal address, and login credentials.
c. Profile Data:
Details of your preferences, interests, purchase history, browsing behavior, event registration details, and language or location selections.
d. Communication Data:
Information you submit when contacting us for support, inquiries, or other communications, including the contents of the communication and any responses we provide.
e. Technical Data:
Information about the devices and technology you use to access the Website, such as operating systems, browser types, time zones, screen resolutions, and network information.
f. Transaction Data:
Details relating to transactions conducted through the Website, including billing information, delivery addresses, and payment method data (handled through secure third-party processors).
g. Preference Data:
Information associated with your marketing preferences, opt-in/opt-out status, content interests, and engagement levels with our campaigns.
4. Legal Bases for Processing
We process your personal data under the following legal bases, as appropriate under GDPR and relevant privacy laws:
– Consent: Where you have consented to the processing of your data for specific purposes, such as subscribing to newsletters or accepting cookies.
– Contractual Necessity: When processing is necessary to fulfill a contract with you, including the provision of event access, merchandise shipping, or account management.
– Legal Obligation: Where we are required to comply with legal or regulatory obligations.
– Legitimate Interest: Where processing supports our legitimate business interests, such as improving the Website, communicating with users, securing our systems, or marketing similar services, provided these do not override your rights and freedoms.
5. Your Rights
As a data subject under GDPR or as a consumer under CCPA, you have several rights in relation to your personal information:
– Right of Access: You may request confirmation as to whether your data is processed and obtain a copy of the data we hold.
– Right to Rectification: You may correct inaccurate or incomplete personal data.
– Right to Erasure: Also known as the “right to be forgotten,” you may request deletion of your data under certain conditions.
– Right to Restriction: You may request limitation of the processing of your data.
– Right to Data Portability: You may request a copy of your data in a structured, commonly used machine-readable format.
– Right to Object: You may object to the processing of certain data, including for direct marketing purposes.
– Right to Non-Discrimination (CCPA): You will not receive discriminatory treatment for exercising your privacy rights.
– Right to Opt-Out of Sale (CCPA): You may request that we do not “sell” your personal data as defined under the CCPA.
To exercise these rights, please contact us at [email protected]. We may require verification of your identity before processing any such request.
6. Security Measures
We implement appropriate technical and organizational security measures designed to safeguard your personal data from accidental loss, unauthorized access, disclosure, or alteration. These measures include:
– Data encryption during transmission (HTTPS)
– Secure data storage with access controls
– Regular data backups and disaster recovery procedures
– Employee privacy and security training
– Access limitation based on job role and data necessity
While no system can be 100% secure, we take robust steps to minimize risks and prevent breaches.
7. International Data Transfers
Where personal data is transferred to countries outside the European Economic Area (EEA), including the United States, such transfers will be safeguarded by appropriate legal mechanisms. These may include:
– Use of Standard Contractual Clauses approved by the European Commission
– Binding corporate rules
– Transfers to jurisdictions deemed to provide an adequate level of data protection
For more information regarding international data transfers, contact us at [email protected].
8. Data Retention
We retain your data only for as long as it is needed for the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. The retention periods include:
– Usage Data: 12 months
– Account and Profile Data: As long as your account remains active or as necessary to provide services
– Transaction Data: 7 years for tax and accounting purposes
– Communication Data: 24 months after final correspondence
– Preference Data: Until withdrawn or updated by the user
After retention periods expire, data is securely deleted or anonymized.
9. Cookie Policy
Cookies are small text files placed on your device to help us provide and optimize our services. We use the following types of cookies on teninabedtheatre.com:
– Essential Cookies: Required for functionality such as navigation, account login, and transactions.
– Functional Cookies: Enable enhanced features like remembering preferences or pre-filling forms.
– Analytics Cookies: Help us understand site usage, content engagement, and technical performance through tools such as Google Analytics.
– Performance Cookies: Monitor uptime, load times, and responsiveness.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we allow you to manage your cookie preferences through a consent management platform. Upon visiting the Website, you will be presented with a cookie banner allowing you to:
– Accept all cookies
– Reject non-essential cookies
– Customize your cookie settings
Your preferences will be stored, and you may change them at any time via the Website’s cookie settings link in the footer or through your browser settings.
11. Children’s Privacy
The Website is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child under the age of 13 has provided us with personal data, we will take immediate steps to delete that information.
If you believe a child has provided personal data to us, please contact us at [email protected].
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. If significant revisions are made, we will provide clear notice via the Website or by contacting you directly where required by law. Continued use of the Website indicates your acknowledgement of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact us:
Email: [email protected]
We are committed to ensuring your personal information is handled appropriately and in compliance with global data protection standards.
—
This Privacy Policy is maintained by Ten in a Bed Theatre to promote trust, transparency, and compliance with applicable laws including GDPR and CCPA. For further guidance, clarification, or if you wish to exercise your rights, please contact us at [email protected].