Our commitment to you
You are at the heart of everything we do. We are committed to managing & safeguarding your personal information in accordance with current legislation and best practice. Our aim is to be responsible, relevant, and secure when using your data by handling your personal information with respect.
It’s important that you know what personal information Music Worldwide Ltd (known here as "we" or "MWL") collects about you, and how we use it.
We’ve done our best to make our explanations short and easy to understand. But, if you’d like further information, or have any questions, please contact our Data Protection Officer using the details in the ‘Contact Us’ section below.
Who We Are?
We are Music Worldwide Ltd registered in England under company registration number 5225363 and registered with the ICO reference number ZB220276 and are the controller and responsible for your personal data.
Music Worldwide Ltd is a UK based inter-cultural music, events and education consultancy. We undertake a broad spectrum of work including; *Event Productions *Cultural and community based education projects *Consultancy services: Artistic programming, concert production, artist development and management.
Data Protection Definitions
• Personal Data – any information relating to an identified or identifiable natural person.
• Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
• Data subject – a natural person whose Personal Data is being Processed.
• We/us (either capitalized or not) This document and references to “MWL” and “we” and “us” apply equally throughout this Privacy Notice The Law MWL is based in England and thus subject to law applicable in England & Wales.
In the case of data protection, the primary legislation in effect from 25th May 2018 is Regulation EU 216/679 (the General Data Protection Regulation), as well as the Data Protection Act 2018. Data Protection Principles The following data protection principles are adhered to by MWL:
Processing is lawful, fair, transparent.
Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
• Processing is limited to the purpose.
Our Processing activities fit the purpose for which Personal Data was gathered.
• Processing is done with minimal data.
We only gather and process the minimal amount of Personal Data required for any purpose.
• Processing is limited with a time period.
We will not store your personal data for longer than needed.
We will do our best to ensure the accuracy of data. We will do our best to ensure the integrity and confidentiality of data. Data Subject’s rights The Data Subject has the following rights:
• Right to information – meaning you have the right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
• Right to access – meaning you have the right to access the data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered.
• Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
• Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
• Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
• Right to object to processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
• Right to object to automated Processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
• Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
• Right to lodge a complaint – if we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled, please contact us.
• Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
• Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data.
To exercise any of the above rights please contact us.
Please note that whilst we will carefully assess every request, we receive we may not always have to comply. When this happens, we will explain why. The Personal Data We Collect and How We Use It We do our best to keep the information we collect about you to the minimum necessary, with the information we collect depends upon how you are interacting with us
When you visit MWL website, certain personal information can automatically be collected from your device. Specifically, may include information like your IP address, device type, browser-type, broad geographic location (e.g., country or city-level location) and other technical information. We may also collect information about how your device has interacted with our website, including the pages accessed and links clicked.
Collecting this information enables us to better understand the visitors who come to our website, where they come from, and what content on our website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our website to our visitors.
Some of this information may be collected using cookies and similar tracking technology. MWL will collect data for purposes such as future newsletter to release information on upcoming events/future festivals and general marketing of MWL event.
MWL will collect data pertaining to name & email address and possibly telephone number. However, ticket agencies we use such as SKIDDLE will collect same information alongside credit card details when tickets are purchased. We do not collect or store this personal data.
Decision Making MWL do not currently utilise automated decision-making functions within its business. A Data Protection Impact Assessment (DPIA) would be carried out before any Automated Processing (including profiling) activities were to be undertaken.
Data Retention Except where a legal obligation to retain data exists, MWL does not store personal information for any longer than is necessary for its defined purpose. We operate a data retention policy and look to find ways to reduce the amount of information we hold and the length of time we hold it for.
Wherever an individual has expressed that they no longer wish to have information we hold about them used for the purpose under which we hold it, we may need to continue storing certain identifiers to ensure that person’s information does not re-enter our systems at a later date.
When data is no longer to be retained, its removal, deletion or erasure will be performed according to processes suitable for the medium, for example the secure shredding of paper documents, deletion from internal systems, or overwriting (wiping) of hard disks.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Who else can access your Personal Data?
We will not share your information with any third parties for the purposes of direct marketing. Personal Data about you is in some cases provided to our trusted partners in order to provide elements of our service to you, to make providing the service to you possible, or to enhance your customer experience.
We may pass your personal data on to third-party service providers contracted to MWL in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on our behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with MWL data controller-processor contract agreement.
If we wish to pass any form of sensitive personal data onto a third party we will only do so once we have obtained your consent unless we are legally required to do otherwise.
We only work with Processing partners who are able to ensure adequate level of protection to your Personal Data. We disclose your Personal Data to third parties or public officials when we are legally obliged to do so. We might disclose your Personal Data to third parties if you have consented to it or if there are other legal grounds for it.
How we Secure Your Data
To help protect the privacy of data and personally identifiable information you transmit through use of this Site, we maintain physical, technical, and administrative safeguards. We update and test our security technology on an ongoing basis.
We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
We promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.
Privacy by Design and Data Protection Impact Assessment (DPIA)
We are required to implement Privacy by Design measures when Processing Personal Data by implementing appropriate technical and organisational measures in an effective manner, to ensure compliance with data privacy principles.
We will assess what Privacy by Design measures can be implemented on all programs/systems/processes that Process Personal Data by considering the following: (a) the state of the art. (b) the cost of implementation © the nature, scope, context, and purposes of Processing; and (d) the risks of varying likelihood and severity for rights and freedoms of Data Subjects posed by the Processing. Furthermore, RSF will also conduct DPIAs in respect to high-risk Processing. We will always conduct a DPIA (and discuss the findings with the DPO) when implementing major system or business change programs involving the Processing of Personal Data including: (e) use of new technologies (programs, systems, or processes), or changing technologies (programs, systems, or processes). (f) Automated Processing including profiling and Automated decision making. (g) large scale Processing of Sensitive Data; and (h) large scale, systematic monitoring of a publicly accessible area. (k) an assessment of the risk to individuals; and (l) the risk mitigation measures in place and demonstration of compliance.
Contact Us If you have any questions, queries, or concerns about the above, or our approach to privacy, our dedicated Privacy Office, is here to help: email@example.com
There’s also the Information Commissioner's Office (ICO) although we encourage you to try and let us help you first.
The Information Commissioners Office (The ICO) Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: 0303 123 1113 www.ico.org.uk
We reserve the right to make changes to this Privacy Notice at any time, for any reason. However, MWL will review and update this Privacy Notice periodically or from time to time in response to legal, technical, or business developments. If material changes to this Notice are made, they will be updated this via the website.
Last modification was made 29th Sept 2022