PRIVACY POLICY

We are committed to respecting and protecting your personal data as a controller in line with the retained EU law version of the General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our website, or by providing your personal information to us, you consent to the collection and use of your information as described in this Privacy Policy.

Our website is not intended for children and we do not knowingly collect data relating to children.

WHAT DATA WE COLLECT

We may collect personal information when you:

  • Book a class, course, workshop or event with us (via Squarespace, Eventbrite or other ticketing services).

  • Make a payment for a booking (processed by Stripe).

  • Sign up for our online newsletter (via Mailchimp, Hubspot or Canva).

  • Apply for a job, volunteer, or otherwise provide us with personal information.

  • Complete one of our forms (e.g. PAR-Q health form, Equalities Monitoring).

This may include:

  • Contact details: name, email, phone number, postal address.

  • Emergency contact name and phone number.

  • Health information (injuries, conditions, allergies) and PAR-Q forms (explicit consent required).

  • Anonymous Equalities Monitoring data (e.g. age, gender, ethnicity, sexual orientation, disability).

  • Any other information you choose to provide.

    We may also collect statistical browsing data (e.g. IP address, browser type) via cookies. This does not identify individuals.

WHY WE COLLECT YOUR DATA

We process personal data to:

  • Provide and manage bookings for our classes, courses, workshops and events.

  • Safeguard your health and safety during participation.

  • Contact you about events you’ve booked or may be interested in.

  • Send you newsletters (if you have opted in).

  • Monitor equal opportunities and improve inclusivity (data anonymised).

  • Evaluate and improve our work.

LAWFUL BASIS FOR PROCESSING

We rely on one or more of the following bases in order to collect and use your personal data:

  • Our legitimate interests: to deliver our services safely and effectively.

  • Performing our contract with you: to provide services you have booked.

  • Consent: when processing health/medical information or signing you up to our newsletter.

  • Legal obligations: for record-keeping (e.g. health and safety or compliance).

HOW WE STORE YOUR DATA AND WHO WE MAY SHARE IT WITH

  • Booking data is stored securely on Squarespace and may also be stored in password-protected Google Drive accounts, accessible only to authorised staff.

  • Payment details are processed securely by Stripe, our payment provider. Three Score Dance does not store or have access to your card details. Stripe may process and store data outside the UK but complies with UK GDPR safeguards. You can read Stripe’s Privacy Policy here.

  • Ticketing data may be collected through Eventbrite, which complies with UK GDPR. You can read Eventbrite’s Privacy Policy here.

  • Newsletter sign-ups are managed by Mailchimp. Mailchimp (and other services we use) ensure all information is stored and used correctly. You can read their privacy policy here. Mailchimp stores their data in the USA but does so in line with the EU General Data Protection Regulation.

  • Our online newsletter is powered by Mailchimp but we sometimes use Hubspot or Canva.

  • All providers comply with UK GDPR safeguards, including when data is stored outside the UK.

DATA RETENTION

  • Booking details/information and financial records (invoices and receipts): Retained for 6 years for HMRC and Charity Commission compliance.

  • Emergency contact details: Retained for the duration of your class/course, plus 12 months.

  • Medical and PAR-Q information: Retained for 12 months and renewed annually.

  • Equalities Monitoring forms: Anonymised immediately, so no personal data is retained. Data is renewed every 1-2 years.

  • Newsletter sign-ups: Retained until you unsubscribe or after 3 years when we re-confirm consent.

  • Photos and videos: Retained until consent is withdrawn for marketing purposes, reporting to funders and documenting activity. If used publicly (website/social media), images may remain in archives unless a removal request is made.

YOUR RIGHTS

Under UK GDPR, you have the right to:

  • Access the data we hold about you.

  • Correct inaccuracies in your data.

  • Request deletion of your data in certain circumstances. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

  • Withdraw consent for us to process your data (this may affect your ability to participate if health/safety cannot be assured).

  • You also have the absolute right to object any time to the processing of your personal data for direct marketing purposes.

  • You have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). However, before doing so please make sure you have first made your complaint to us or asked us for clarification if there is something you do not understand.

  • Further details about your rights can be found on the ICO’s website at the link above.

To exercise these rights, contact us at: info@threescoredance.co.uk

SHARING YOUR DATA

We will never sell your data. We do not transfer your personal data outside of the UK and we only share it internally, with trusted third-party providers (Squarespace, Stripe, Google, Mailchimp, Eventbrite etc.) to deliver our services, where required by law, or where we have another legitimate lawful reason for doing so (such as with our legal advisors or accountants, who owe obligations of confidentiality).

DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

COOKIES

We may collect anonymous browsing data via cookies to analyse website use. This does not identify individuals.

CONTACT

For any questions or to exercise your data rights, please contact us by email: info@threescoredance.co.uk

If you would like to remove yourself from our mailing list please email info@threescoredance.co.uk or unsubscribe from the bottom of any mailout you receive.

REGISTERED OFFICE

5 Mackie Avenue, Brighton, East Sussex BN1 8RA

A light blue lightning bolt icon on a black background.