London Playwrights’ Workshop Ltd – which is also the non-profit behind London Playwrights’ Blog – is dedicated to protecting the privacy of its readers, members, and subscribers. We are the data controller for your personal data and will ensure it is used and stored in accordance with the Data Protection Act (1998), the Privacy and Electronic Communication Regulations (2003) and as of 25 May 2018 the EU General Data Protection Regulation (EU 2016/679).
London Playwrights’ Workshop Ltd (LPW) is a non-profit company limited by guarantee registered in England and Wales (company number 9753202). LPW operates London Playwrights’ Blog (LPB) and all data processed by the subsidiary is controlled by LPW.
How we collect your information / The types of information we collect
We collect certain personal information about visitors, members, workshop participants, job/tam applicants, and users of our Sites.
The most common types of information we collect include things like: user-names, member names, email addresses, IP addresses, other contact details, survey responses, blogs, photos, payment information such as payment details, transactional details, tax information, support queries, forum comments, and web analytics data. We will also collect personal information that includes name, contact, and payment details from people who book our workshops or script consulting services. If you apply to be involved with one of our projects, we will also collect information from you (such as, your CV, the application form itself, cover letter and notes).
Depending on how you are engaging with our work, we may request the following data from you. (We only collect information that’s necessary to carry out our business or to deliver our charitable objectives. The more ways you engage with us as an organisation, the more data we will require in order to provide the necessary services required. There are occasions where you can choose to not provide us with the information we require, but this will then impact the service we are able to provide.)
- Prefix and full name
- Email address
- Billing address
- Phone number
- Date of birth
- Age range (survey only)
- Ethnic origin (survey only)
- Payment card details – please note we do not save these details and therefore only retain the last four digits of your card in our database
- Delivery address
- Bank details for direct debit instructions
- Access requirements
- Whether you identify yourself as having a disability (survey only)
- Dietary requirements (for fundraising and press events only)
- Contact preferences
- Emergency contact details (for project participants only)
- Borough (for project participants only)
- Job information
- Imagery (photography and video from events)
This is not an exhaustive list and we may retain different types of information for different individuals based on the service we are providing. For information on how long we retain your data for, refer to the ‘how we protect data’ section of this policy.
We also keep a record of your interactions with us in our database, such as when you have had an active membership, any projects you may have participated in or supported and whether you have received, opened or clicked through any emails we may have sent.
We also may collect an automatically populated IP address when you use our website or email service. This public IP address is a unique number which allows a computer, group of computers or other internet connected device to browse the internet. The log file records the time and date of your visit, the pages that were requested, the referring website (if provided) and your internet browser version. This information is collected to help diagnose and manage the website, to audit the geographical make-up of users, and to establish how they have arrived at the website.
Depending on your settings or the privacy policies for social media services like Facebook, Instagram or Twitter, you may give us permission to access information from those accounts or services, such as your behaviour on these services and across our site. The majority of this behaviour is anonymised. For more information on how to control your privacy settings for these services, go to the following links:
Why do we collect your information and how do we use it?
The main way we use your information is to provide the services you’ve requested. We also use your information to help us better understand our audience’s needs and to inform you about news. We will only contact you electronically about non-contractually related information when we have your consent to do so.
We use your information to provide you with resources, information, or services you have booked or requested through us. We also collect data (as through participant surveys) to help us understand what audience we are reaching and be able to report on this for charitable and fundraising purposes.
We may take photos or film events run by LPW, however we will always give prior warning and offer participants the opportunity not to be pictured. (Please note: this may be managed verbally rather than with written consent forms.)
Specifically, we use your information we collect in the following ways: To carry out our business and to provide a service or carry out a contract with you:
- To fulfil event, workshop, script consulting, donation and membership requests or provide important information about services.
- Provide the best possible customer services and to help us with internal administration.
Where we have your consent:
- Send you updates via email about what’s on, offers and news or about supporting us.
- Use your feedback in funding applications or activity/workshop/event evaluations
Where we have justifiable reason (including legal obligation and legitimate interest):
- Learn about your interests and preferences so that we can contact you with information that is relevant to you.
- Help us target our marketing communications and adverts so that they’re more relevant to you.
- Use your pseudonymised details to show you advertising on such Social Media platforms as Facebook and Instagram or via other third party advertising that may appear on other websites you use. The information shared with these platforms is pseudonymised to protect your personal data.
- Measure and understand how the people we interact respond to a variety of marketing activity so we can ensure our activity is well targeted, relevant and effective.
- Undertake consumer research: we may contact you to ask you to participate in consumer research either via an online or telephone survey or in person. You are under no obligation to participate in research and, should you provide any further information, LPW will inform you how any further information will be used.
- Analyse and continually improve the services we offer.
More about our Mailing list:
- LPW and LPB use Mailchimp’s GDPR-friendly contact tools.
- If you unsubscribe, Mailchimp will remove all traces of your personal data from our reports and lists (except for anonymous, aggregated reports).
- Mailchimp’s strong privacy protections mean that your data will be handled appropriately and in line with EU legal requirements.
More about Membership:
- If you are a member, you will be subscribed to our receive Member Alerts to fulfill our contractual obligation to keep you apprised of the resources and benefits available to you. You can unsubscribe from this mailing list at any time by following the unsubscribe link included at the bottom of all of our newsletter communications.
- Our membership system is run by Paid Memberships Pro – we use their plugin but they do not have access to any member data.
- The LPW website is powered by Thimpress, which has confirmed in writing that these products are GDPR compliant.
More about Payments:
- We use two secure payment providers, Stripe and Paypal, which keep your financial data safe. (Please note, our site also has an SSL Security Certificate to ensure your details are protected at all times.)
- Membership payments are handled through Stripe, a secure payment service. Your payment details are stored securely on their server, and your card details are not even fully visible or accessible to the LPW team.
- We will never ask you to send card details by email.
- If you have payment problems, we have the ability to make updates and changes over the phone (which we would only do at a time prearranged by email from our team firstname.lastname@example.org email).
- If you are a member who chooses to cancel your membership, we delete your payment information
How we protect your data / Who we share your information with
Your data is kept securely and never shared with third parties without your consent. It can be accessed by the LPW core team or may be shared with freelance practitioners for services you have booked or requested (script consulting, advice response, etc).
We use a number of data processors in order to help us provide the services you request. These organisations are obligated to act on our instruction in relation to their use of your personal data and do not have any control over your data in their own right. We make sure anyone who provides a service for LPW meets our standards for data security. They will not use your data for anything other than the clearly defined purpose relating to the service that they are providing.
We use Jetpack security services to prevent brute force logins, spam, harmful malware injections, or malicious attacks of the website, and have automatic security threat notifications enabled.
We will ensure that your data is only retained for as long as is reasonably necessary depending on the purpose of the data. As part of the services offered to you LPW’s websites, the personal information you provide may be transferred to countries outside the European Economic Area (EEA). By way of example, this may happen if any of the computer servers used to host the website are located in a country outside of the EEA.
If LPW transfers your personal information outside of the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this privacy notice. LPW may transfer your data to the USA to organizations such as Facebook, Google or MailChimp. The USA has weaker data protection laws than that of the EEA and therefore we will ensure that only organisations who are a part of the EU privacy shield initiative will handle your personal information. More details on this certification can be found at www.privacyshield.gov/welcome.
We will keep your information only for as long as is reasonably necessary for the purposes set out in this privacy notice and to fulfil our legal obligations. We will not keep more information than we need. The retention period will vary according to the purpose, for example if purchasing a workshop or service, we will typically keep your data for up to ten years from the date of your last transaction. For members, we delete your payment details but typically keep your information indefinitely; this prevents another person signing up with your same member name or assuming your identity on this membership, and reserves your member name in case you choose to come back in the future. For further information about how long we will keep your information, please contact the Data Protection Manager using the contact details outlined in this notice.
If you ask us to stop sending direct marketing communications to you, we will keep the minimum amount of information (e.g. name, address or email address) to ensure we adhere with such requests.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Links to other websites/from other websites:
18 or Under:
We are concerned to protect the privacy of children aged 18 or under. If you are aged 18 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
Additional Details on Website/Technical Components:
More about making website comments or uploading media:
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to our websites, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Visitor comments may be checked through an automated spam detection service.
More on cookies:
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites:
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We only do this with services that follow EU Privacy Shield guidelines, and recommend you refer to the privacy policies of individual websites for additional details (the same recommendation we make for external links).
Your Rights and Choices
You should find it easy to access and amend the personal information that we hold on you, or request that we stop contacting you. It’s your data and we want to make sure you feel in control of it. You can do this by logging onto our LPW member site. Alternatively, if you are on our mailing list, or a member and need to update your name, email or other details, simply email the change needed to: email@example.com.
Every email we send to you will include details on how to unsubscribe from future communications. If you would like to see what information we hold about you can also request full details of personal information we hold about you under the Data Protection Act 1998, or after 25 May 2018, The General Data Protection Regulation, by contacting the Data Controller. Please send a description of the information you would like to see, together with proof of your identity to firstname.lastname@example.org.
At any time, you have the right to ask LPW to amend or stop how it uses your personal information including for marketing purposes. You can do this by contacting email@example.com.
Updates and further info
Further information on data protection regulations and laws can be found here:
- Data Protection: https://ico.org.uk/for-the-public
Updates to this policy will be posted on this page– please check back from time to time. We may also inform you of any changes where we hold an appropriate email address for you
Policy updated 21 May 2018