EAL Ltd t/a Enterprise Architects (“we”) are committed to protecting and respecting your privacy. We will use any information we collect about you in accordance with the Privacy and Electronic Communications Regulations 2003, the Data Protection Act 1998 and, from 25 May 2018, the General Data Protection Regulation (GDPR).
WHO WE ARE
EAL Ltd is incorporated as a company registered in England & Wales (Registered Company Number 04319391).
By visiting www.enterprisearchitects.eu you are accepting and consenting to the practices described in this policy.
For the purpose of the General Data Protection Regulation (GDPR), the data controller is EAL Ltd of 57 Charterhouse Street, London, EC1M 6HA.
WHAT INFORMATION DO WE COLLECT?
We only collect the information that is necessary to carry out normal business operations, to provide any good or services you’ve asked for, and to keep you updated about our current and future activities. Examples of the type of personal information that we collect includes:
- name, title, date of birth and gender
- sensitive personal data, such as information about race, ethnicity and sexual orientation (you have the right not to provide us with this information)
- contact details including postal address, email, phone numbers
- if you are a teacher with whom we have professional relationship, name and address of school/college, type of school/college, teacher name, teacher email, subject and key stage taught
- transaction history, including financial and credit card information
- access requirements to enable us to determine if you require wheelchair access, audio description, BSL interpretation, or any other access requirement
- image and likeness (as captured on our CCTV cameras and in photographs and videos we may use for promotional purposes)
- technical information gathered when you visit our website; including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit to our website; including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- other background personal information you may provide to us (for example when you correspond with us).
HOW DO WE COLLECT YOUR INFORMATION?
You give us your information when you buy something online, sign up for one of our events or workshops, apply for a job, promotion or survey, or communicate with us by phone, email or otherwise.
We receive and store certain details whenever you use the EAL website. A cookie records on your device information relating to your internet activity (such as whether you have visited our website before). The cookies we use on our website don’t collect personally identifiable information about you and we won’t disclose information stored in cookies that we place on your device to third parties. The cookies we send to your device only relate to your use of our website; they don’t have any other effect on your device.
WHAT WE USE YOUR PERSONAL INFORMATION FOR
We will only collect the personal data that we need and use it on relevant lawful purposes as permitted by the current data protection legislation (UK Data Protection Act/GDPR).
WE WILL USE THIS INFORMATION:
- to carry out our obligations arising from any contracts between us and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer;
- to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. We will only contact you by electronic means if you have consented to this. You can update your preferences by logon to or create an EAL account on our website
- to analyse your information and carry out a segmentation. This is used to better understand customer behaviour and, where your consent is given, to inform you of the productions and services we believe are of most interest to you. If you do not wish us to use your data in this way, please email firstname.lastname@example.org and we will stop the behavioural segmentation of your data. You will still receive emails from us if you have requested to do so but these may be less targeted to you based on your past bookings.
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- to send you invitations to take part in research surveys, research discussion groups or interviews to give your opinions about our productions and services (whether or not you have agreed to receive other communications).
- to conduct desktop research;
- to administer membership records, patrons’ records and giving schemes;
- to manage our volunteers and ambassadors; and/or
- to ensure that our fundraising resources are used in the most effective and efficient manner and that any communications we may send you about fundraising are appropriate.
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
USE OF SENSITIVE PERSONAL DATA
We may collect sensitive personal information about you including information about your racial or ethnic origin, your religious or other beliefs and offences or alleged offences committed by you (Sensitive Personal Data).
Such Sensitive Personal Data shall be processed and used in a manner that complies with the additional requirements relating to Sensitive Personal Data as set out in the Act. Such Sensitive Personal Data shall only be collected after having obtained your explicit consent to do so or where it is necessary to do so to comply with legal requirements including for employment law purposes. Some sensitive data is requested in our customer surveys but is analysed anonymously and is not obligatory to provide.
OUR BASIS FOR PROCESSING YOUR PERSONAL INFORMATION AND WHAT WE USE IT FOR
We aim to be clear when we collect your data and not to do anything you wouldn’t reasonably expect.
We may process personal data because it is in our legitimate interests to do so.
SHARING YOUR PERSONAL INFORMATION
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may also share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers.
- Social media sites for the purposes of data analytics and targeted advertising.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
- Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
We may disclose your personal information to third parties:
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply terms and conditions of supply and other agreements; or to protect the rights, property, or safety of EAL Ltd, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
- Please note that Sensitive Personal Data will not be shared with third parties without your consent.
WHERE WE STORE YOUR PERSONAL DATA
- Your personal data will be securely held and processed on EAL’s systems or systems managed by suppliers on behalf of the EAL. We maintain a customer relationship management (CRM) system to manage our activities in ticketing, marketing, relationship management of our customers and stakeholders, and fundraising to hold contact details and a record of your interactions with us such as ticket purchases, donations, memberships, queries, complaints and attendance at special events.
- We always seek to hold your data securely. Access to customer information is strictly controlled. The CRM system can only be accessed by people who need it to do their job. Certain data, for example sensitive information, is additionally controlled and is only made visible to members of staff who have a reason to work with it.
- Any payment transactions will be encrypted.
- Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
HOW LONG DO WE KEEP YOUR DATA?
- The retention period will vary according to the purpose, for example for a financial transaction such as a ticket purchase, we may keep your data for up to seven years from the date of your last transaction to comply with HMRC requirements.
To request specific information about how long we keep your personal data please email email@example.com.
Under GDPR you have the following rights:
- To request access to the personal data we hold about you
- To request us to have inaccurate personal data we hold about you rectified, or completed if it is incomplete
- To ask us to erase your personal data (you may have heard of this as the right to be forgotten)
- To require us to restrict our processing of your information in certain circumstances
- To require us to provide data portability of your information, this allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.
- To ask us to stop using your information, for example to stop sending you marketing emails. If you wish to exercise any of these legal rights in respect of the personal information we hold about you, please email firstname.lastname@example.org.