Leisure, Culture and Tourism - privacy notice
Who we are?
Derby City Council – Leisure Culture and Tourism services are also known as 'In Derby’, incorporating:
- Derby LIVE
- Derby Active
- Derby Arena
- Move More Derby
- Derby Parks
- Visit Derby
- Derby Folk Festival
- Live Tickets
Derby City Council is the local government unitary authority for Derby City. Our address is The Council House, Corporation Street, Derby, DE1 2FS. You can contact our Data Protection Officer on 01332 640763 or by email at firstname.lastname@example.org.
How do we collect information from you?
We collect information from you when you visit inderby.org.uk, derbylive.co.uk, derbyarena.co.uk, derbyfolkfestival.co.uk, visitderby.co.uk, livetickets.org, derbymarketplace.co.uk and derby.gov.uk; also when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, talk to us face to face, or you visit or engage with our facilities, services and activities.
What types of information do we collect from you?
We collect different categories of information about you, depending on the service you want from us and/or the reason why we need to process information relating to you. This could be personal information (for example your name and address), or other more sensitive data that we would only collect and use in very particular circumstances that are set out in law.
Information obtained from third parties
We also collect data from some of our partners that provide services for us. These include Lawn Tennis Association (through ClubSpark), GolfNow (through Teeofftimes) and UK Footgolf.
How is your information used?
In accordance with our contractual obligations and legitimate interests or consent as and when required; we may use your information to:
- Administer your ticket sale, membership, application or booking, including any health or disability information you provide to us in order to deliver services with your needs in mind.
- Contact you if there are any important changes to your booking, membership or the services we provide to you.
- Respond to information you have asked for.
- Ensure we know how you prefer to be contacted.
- Produce videos/photographs for digital ticketed public events that you have submitted content for.
In accordance with our legitimate business interests we will:
- Tell you about changes in our services or new services, events and offers that we think you’ll find of interest.
- Keep a record of your relationship with us.
- Analyse your personal information to create a profile of your interests and preferences so that we can contact you with information most relevant to you.
- Occasionally undertake customer research to help us understand how we can improve our services or information.
- Use images and videos taken at our facilities, and where our services and activities take place to promote our services, facilities and activities.
- Use images and videos submitted by yourself to produce video content for events and to promote our events.
If you would rather NOT receive postal or telephone communications from us about relevant services, you can ask to be removed from these – find out how at inderby.org.uk/preferences or email us at email@example.com or call us on 01332 640640.
When supplying your email address as part of a booking, you will be given the option to ‘opt-out’ of digital marketing communications (e.g. email and digital advertising) about similar services, and unless you do so we will continue to send you information of this kind. You can also choose to opt-in to our email communications about specific services at any time. You can opt-out at any point, using the unsubscribe link on each email, or by contacting us.
If you feature in an image or video we will have taken reasonable steps to seek your consent and/or to inform you. You can object to the use of an image or video that features you by emailing firstname.lastname@example.org.
Coronavirus has been added as a notifiable disease under the Health Protection (Notification) Regulations 2010. Under the Public Health (Control of Disease) Act 1984 and associated Regulations; and the Coronavirus Act 2020 and associated Regulations the Council has a legal duty to store, process and share personal information. The information will be stored, processed and shared as part of the national, and local Coronavirus Test and Trace operations where necessary for investigations, as well as the testing and tracing of individuals, groups or businesses; and to assist in the investigation into cases of Coronavirus; Coronavirus outbreaks and issues of non-compliance with the Acts and associated Regulations. The information will also be used; interrogated and mapped to inform the Councils actions and decision making processes. Any such storage, processing or sharing of information will be done in the public interest in order to promote health and wellbeing.
During the investigation of cases and/or outbreaks of Coronavirus, information which is gathered may be shared between departments within Derby City Council; with other Councils associated with an outbreak; other health services or with other government bodies associated with the control of the Coronavirus. The Council has a duty to notify national Government bodies, such as Public Health England, and the relevant local authority where an individual resides (if different), where there are suspected Coronavirus cases. The Council will disclose the information under Article 9(2)(j) of the UK GDPR (processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health), and confidential information may be lawfully disclosed in the public interest, without consent, where the benefits to an individual or to society outweigh both the individual’s and the public interest in maintaining the confidentiality of such data.
The Council may contact staff, service users, residents, patients, businesses and premises with messages relating to Coronavirus by text, phone, letter or e-mail. This contact is not direct marketing; therefore we do not need your Consent before contacting you. There is more information available on the national Information Commissioners Office approach to the current epidemic here: https://ico.org.uk/
Research and statistics
Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.
Who has access to your information?
We will not share any personal details with any other third parties without your agreement, unless required in order to fulfil our contract with you, or allowed to by law.
In general, the third-party providers used by us to fulfil our contract with you will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. These providers include our Booking and Membership Systems providers and operators, Email and Mail distribution services.
We have agreements in place with each to ensure that your data is secure at all times, and cannot be accessed or used for any other purpose.
When booking a ticket at Derby LIVE you may be given the choice to also hear from the artistic company or promoter of the event you have booked to see. Where you explicitly agree for us to do so, we will pass your data to the relevant company and they will be in touch with you to communicate their own Privacy and Data Policy. You can opt-out at any time by contacting them directly.
We may share personal information with other organisations appropriate to the booking, service or membership, including The Audience Agency, Sport England, Swim England, Purple Seven, Ramblers, NHS Digital, Southern Derbyshire CCG, Derby County Community Trust, and Derbyshire Fire & Rescue who use this to analyse patterns of participation, attendance, health & wellbeing for national and regional research or monitoring purposes.
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes without your explicit consent.
What are your rights in relation the personal data we process?
- Access – you can request copies of any of your personal information that is held by the Council.
- Rectification – you can ask us to correct any incorrect information.
- Deletion – you can ask us to delete your personal information. The Council can refuse to delete information if we have a lawful reason to keep this.
- Portability – you can ask us to transfer your personal data to different services or to you.
- Right to object or restrict processing – you have the right to object to how your data is being used and how it is going to be used in the future.
- Right to prevent automatic decisions – you have the right to challenge a decision that affects you that has been made automatically without human intervention, for example an online form with an instant decision.
What security precautions are in place to protect the loss, misuse or alteration of your information?
We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the information you provide to us. However, we cannot guarantee the security of any information you transmit to us. We recommend that you take every precaution to protect your personal information.
Keeping your data up to date
We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.
How long will we keep your information for?
We keep and dispose of all records in line with our record retention schedule. We will comply with Data Protection legislation.
What are Cookies and why are they used?
Cookies are small text files which identify your computer to our servers. They are used to
improve the user experience. View what cookies we use and how you can manage them, by visiting our cookies pages at In Derby, Derby LIVE, Derby Arena, Derby Marketplace and Visit Derby.
As with most websites, we receive and store certain details whenever you use our website. We use ‘cookies’ to help us make our site – and the way you might use it – better. Cookies mean that a website will remember you and enable online transactions. It also helps us understand how you use our website, where we can make improvements and how best to tell our users about events and services they might be interested in.
From time to time, for certain marketing campaigns, you may receive personalised online advertising after visiting our website. For example, we work with agencies to create relevant advertising for future concerts, and this might appear on your device based on non-personally identifiable information such as your device’s IP address. Many of these online adverts allow a facility to opt-out or refine your preferences to make advertising more relevant to you.
We use social media to broadcast messages and updates about events and news.
On occasion we may reply to comments or questions you make to us on social media platforms. You may also see adverts from us on social media that are tailored to your interests. Depending on your settings or the privacy policies social media and messaging services like Facebook, LinkedIn or Twitter, you might give third parties (like Derby Live) permission to access information from those accounts or services.
Internet Protocol (IP) addresses are collected when our site is used:
- for statistical/analytic purposes
- to identify any malicious activity
If you are accessing online services and are under the age of 13‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
If you would like to make a complaint regarding the use of your personal data you can contact our Data Protection Officer;
- By post: Information Governance, The Council House, Corporation Street, Derby, DE1 2FS
- By phone: 01332 640763
- By email: email@example.com
For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner's Office (ICO):
- By post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
- By phone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number