Privacy Policy for The Dance Cafe (Website Users and Donors)
1. Contact Details
The Dance Cafe (charity registration number: 1211281)
info@thedancecafe.org
The Data Controller is Theresa McCulloch.
2. Types of Personal Data We Collect
We may collect and process the following personal data:
- Full name
- Contact details (address, email, phone number)
- Payment information (for donations or event bookings)
- Any other information voluntarily provided by you
3. Sources of Personal Data
We primarily collect personal data directly from you when you:
- Sign up for classes, events, or workshops
- Make a donation
- Subscribe to our newsletter
- Apply for a volunteering or employment position
- Communicate with us via email, phone, or social media
If we receive your data from third parties, such as referral organisations or partner charities, we will inform you and seek your consent where necessary.
4. Purpose of Data Collection and Use
We process personal data to:
- Manage class and event registrations
- Process donations and Gift Aid claims
- Communicate with participants, donors, and volunteers
- Ensure the safety and well-being of participants
- Meet our legal and regulatory obligations
- Improve our services through feedback and analysis
5. Lawful Basis for Processing & Legitimate Interests
We process your personal data under the following legal bases:
- Contractual Obligation: To fulfil our commitments to you when you sign up for a service or event.
- Legal Obligation: To comply with applicable laws and regulations, such as financial reporting and safeguarding requirements.
- Legitimate Interest: To manage our charity’s activities effectively, including event coordination and donor relations. When relying on legitimate interest, we balance our interests with your rights.
- Consent: When required, such as for marketing communications or processing sensitive personal data.
6. Who We Share Your Data With
We do not sell or rent personal data. However, we may share your data with:
- Regulatory bodies where required by law
- Third-party service providers (e.g., payment processors, email providers) under strict confidentiality agreements
- Partner organisations for joint events or projects (with your consent)
7. Data Retention & Secure Disposal
We retain personal data only for as long as necessary.
- Financial records: 7 years (for regulatory compliance)
- Volunteer and participant records: 3 years after last contact
- Marketing data: Until consent is withdrawn
When data is no longer needed, we securely delete or dispose of it in accordance with industry standards.
8. Your Rights Under GDPR
You have the right to:
- Access your personal data
- Request correction or deletion of inaccurate data
- Withdraw consent for processing (where applicable)
- Object to processing based on legitimate interest
- Request data portability (where applicable)
- Lodge a complaint with the Information Commissioner’s Office (ICO)
For any queries or to exercise your rights, please contact us using the details provided above.
For more information on GDPR and your rights, visit the ICO website: https://ico.org.uk.
Last updated: 5th February, 2025.