AboutUs > GDPR statement

About us - our GDPR statement

Sidmouth Concert Society Data Protection Policy

Why this policy document is necessary

In order to function the Concert Society needs to collect, store and use information about its subscribing members or other members of the public and those with whom it makes contractual arrangements. The General Data Protection Regulations (GDPR) introduced in 2018 define the rules with which it must comply when doing so.

The information used by the Society

Sidmouth Concert Society, in promoting the Sidmouth Music series of concerts and carrying out any other activities in pursuit of its charitable purposes, collects information from its members and those who wish to be contacted by it. This includes names, addresses, telephone numbers and email addresses necessary to manage the interaction between the Society and those contacts. The basis on which this information is held is through the consent of the individual either when subscribing to the series of concerts or asking to be included on the mailing list. The consent may be withdrawn or modified at the request of the individual at any time and the Society will comply with that request. However total withdrawal, or significant limitation, of consent may jeopardise the Society's ability to function adequately and the Society would have to reserve the right to cancel the subscription or remove the mailing record totally on that basis.

Information about agent companies or individuals, or players and ensembles, is used for contractual purposes only. The holding of such information is justified under the contractual arrangement for which it has been obtained, and is not used for any other purpose.

Protection of personal information

The Society uses generally accepted standards of technology and operational security in order to protect personal information from loss, misuse, or unauthorised manipulation. For any payments which are taken for on line ticket purchases the Society uses a reputable third party payment system. Internet transactions in any form can never be guaranteed to be 100% secure so the Society will promptly notify a purchaser if it becomes aware of any breach of personal information which might lead to risk.

The Society will not sell personal information, or share it with any third party except as required to do so by law.

Retention of information

Personal information is retained on the Society's systems throughout the period of subscription or for as long as an individual wishes to remain on a mailing list. Thereafter information will be held in archived form in order to maintain the integrity of the Society's records and deal with any legal or other obligations relating to it.

Individual rights under GDPR

Any individual has the right to:

The appropriate contacts within the Society relating to its records are:

Any individual has the right to take any complaints about how his or her personal information is processed to the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.


affiliated to


Return to AboutUs page