Privacy Notice
The Royal Academy of Dance (RAD), including Royal Academy of Dance Enterprises Ltd, is committed to protecting and respecting your privacy.
This Privacy Notice explains:
- how, when and why we collect personal information
- how we use the information
- how long we keep it
- when and how we may share it with others
- how we keep it secure, and
- your privacy rights and how the law protects you
We only use personal information if we have an appropriate reason (lawful basis) to do so and this includes sharing information outside the Royal Academy of Dance.
How do we collect information from you?
We may obtain information about you when you:
- complete an online, electronic or paper application form
- speak to us on the telephone or in person
- email us
- visit our website(s)
- make a payment or donation
- make a booking for an event, class or workshop
- complete a survey online or paper version
- sign up to an RAD mailing list
- contact us through the online library catalogue
- submit your information via a QR code link
(The above list is representative, not exhaustive.)
What type of information is collected from you?
The personal information we collect may include your:
- name
- date of birth/age
- gender
- home address
- email address
- telephone number
- nationality
- school/business name
- school/business address
- credit/debit card information
- health or disability information (or other ‘special data’)
- emergency contact name, number and relation to you
- membership of professional bodies or associations
- dance teaching experience and/or skills, qualifications (dance, dance teaching, languages etc.)
- IP (internet protocol) address
- information regarding the web pages you have visited and when
(The above list is representative, not exhaustive).
How is your information used?
We use your information to:
- process an application that you have made for an activity (membership, CPD, class, course or programme of study) or event
- process an order for a product or other service
- process a payment (or credit) for a product or service
- process entries for competitions and bursaries
- seek your views or comments on the services we provide
- notify you of changes to our services
- send you communications/publications which you have requested and that may be of interest to you, which may include information about new products, services, events, and activities
- handle an enquiry or complaint you have made
- invite you to attend an event, seminar or conference
- ask you to support our work by making a donation or becoming a sponsor or supporter of the RAD, and
- to contact you in an emergency situation.
- for contact tracing in the event of a COVID-19 case being recorded
(The above list is representative, not exhaustive).
What is the lawful basis for processing my information?
As a complex, global organisation processing information in many different ways for different reasons across the RAD we have a different legal basis for processing in each situation. An overview of the lawful basis for processing your information in these circumstances is explained in the table below (however, if you want the specifics follow the Find out more links provided):
Your information | Circumstances | Lawful basis |
---|---|---|
Personal information relating to enrolling on courses and payment information | CPD See Departmental Privacy Notices below | Contract |
Personal information – processed in order to fulfil an order or complete a purchase of goods | Enterprises, RAD AU Shop See Departmental Privacy Notices below | Contract |
Personal information – relating to student entries | Examinations See Departmental Privacy Notices below | Legitimate interest |
Personal information – relating to the processing of payments and results | Examinations See Departmental Privacy Notices below | Contract (with teachers) |
Personal information to process an application, or enrol on a Faculty of Education, programme/module | Faculty of Education (HE) See Departmental Privacy Notices below | Consent |
Personal information – for delivery of the practical teaching module.(communication between Practical Teaching Supervisor, student and mentor). | Faculty of Education (HE) See Departmental Privacy Notices below | Contract |
Financial Services See Departmental Privacy Notices below | ||
Processing of personal information to register and pay for events | Fundraising & Events See Departmental Privacy Notices below | Contract |
Processing of personal information – inviting existing and potential supporters and donors to events or updates on our activities | Fundraising & Events See Departmental Privacy Notices below | Legitimate interest |
Human Resources See Departmental Privacy Notices below | ||
Processing personal information – to deliver e-communications, publications as requested | Marketing & Communications Find out more | Consent |
To promote related new initiatives, news and events to members and customers already engaged with the RAD | Marketing & Communications See Departmental Privacy Notices below | Legitimate interest |
Personal information – processing your membership subscription, (including membership benefits) | Membership Services See Departmental Privacy Notices below | Contract |
Sharing your personal information with the public or third parties to fulfill a benefit | Membership Services | Consent |
Sharing your personal information health authorities for the purposes of contact tracing in the event of a reported case of COVID-19 | All departments | Consent |
NB The collection and processing of personal information relating to health, disability, ethnic and sexual orientation, requires consent as the legal basis for processing.
How long is your information kept?
We review how long we keep personal information on a regular basis. We are legally required to hold some types of information to fulfill our statutory obligations, for example, all financial records are held for 7 years. In other areas of the business we hold your personal information on our systems, only for only as long as is necessary for the relevant activity, or as long as is set out in any relevant contract or agreement you hold with us.
Who has access to your information?
We DO NOT sell or rent your information to other organisations.
We DO NOT buy or rent information from other organisations.
We may pass your information to third party service providers, agents, subcontractors or other associated organisations. This is only done when stated and for the purposes of completing tasks and providing goods and services to you on our behalf.
When we do this, we disclose only the personal information that is necessary to deliver the service and we have an agreement in place that requires them to keep your information safe and secure and not to use it for any other purpose.
Please be reassured that we will not release your information to other organisations unless in exceptional cases when we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime. In all other instances, we would only share your information with another party, if you have given your explicit permission to do so.
We will also pass on your personal information to Health department officials for the purposes of contact tracing as a result of a reported COVID-19 case.
Third Party Providers
We make certain personal information available to third parties who provide services to us. We do so on a ‘need to know basis’ and in accordance with applicable data privacy law.
For example, some personal information will be available to third party companies who provide us with:
- Our HR System, accounting system and HR-related services
- Services in relation to criminal record screening,
- Services in relation to online training, e.g. Educare (read their Privacy Policy) and InfoSec (read their Privacy Policy)
- Auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under a contractual prohibition of using the personal information for any other purpose.
Recognition and Accreditation
If you apply for a university-validated programme, your personal information will be shared with the validating university and government agencies, such as the Higher Education Statistics Agency, as and when required. Please read HESA’s Privacy Policy.
The RAD is recognised to award qualifications on the Regulated Qualifications Framework (RQF) in England by the Office of Qualifications and Examinations Regulation (Ofqual), in Wales by Qualifications Wales, and in Northern Ireland by the Council for the Curriculum, Examinations and Assessment (CCEA). The RAD is also recognised to award qualifications on the Scottish Credit and Qualifications Framework (SCQF), by SQA Accreditation, a part of the Scottish Qualifications Authority.
The RAD is validated by the Council for Dance, Drama and Musical Theatre (CDMT) as an awarding organisation.
We may be required to submit data which includes personal information to one or more of the named organisations in order to comply with their conditions of recognition, maintain the RAD’s status as a recognised awarding body and for quality assurance purposes.
In addition in order for students to be approved for access arrangements (special requirements in order to sit exam e.g. extra time), we are required to share their full name, date of birth, gender, UCI and ULN number and evidence of SEND requirements with JCQ. For more information on how your information is used, please see their Privacy Notice.
Other Third Party Providers
We use:
- Senses Direct for the mailing and distribution of RAD publications and membership services to members in Australia. Read their Privacy Policy.
- MailChimp, to deliver our e-newsletters. By signing up to our e-newsletter you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their Privacy Policy and Terms. We gather statistics around email opening and clicks using industry standard technologies to help us to monitor and improve our e-newsletters. You will stay subscribed, unless you unsubscribe, which you can do at any time by clicking ‘unsubscribe’ in the footer of each email. However, within any 24 month period, we may ask inactive subscribers to reconfirm consent.
- SurveyMonkey® to run surveys and to collect feedback from our members and customers on a variety of topics, services, products and events. Some surveys are anonymous and in those circumstances we collect information about location and which questions were skipped etc. If you choose freely to provide your contact details we will only keep your personal information for a stated duration (communicated at the time of completing the survey) which is likely to be the timeframe within which the review or survey will be completed. Read their Privacy Policy.
- Try Booking for online ticketing and registration for events (including workshops, masterclasses, CPD and a range of free events or activities). The RAD only collects and stores your personal information in order to register and facilitate your attendance at the ‘event’ and to request feedback post-event. We will not use your personal information for marketing and communications purposes unless you have expressly opted in to receive ongoing marketing materials or have sign up for an e-newsletter. Please read Try Booking’s Privacy Policy.
- Google Analytics to monitor the traffic on our website and helps us improve its usability by understanding how you use information and how you navigate through it. It collects information anonymously and reports website trends without identifying individual visitors. Read their Privacy Policy.
- We also use third party providers Sagepay (read their Privacy Policy and Terms); Global Payments (read their Privacy Statement and Terms); Just Giving (read their Privacy Policy); Charity Choice (read their Privacy Policy) and PayPal (read theirPrivacy Policy) to securely process and store financial information.
We (RAD) DO NOT store your card details on our systems for use in future transactions.
Social Media Platforms
If you engage with the RAD on any of our social media channels you should know that we do not collect your personal information it remains within the platform that we are using and so you should familiarise yourself with their privacy notices and policies: Facebook, Twitter, Instagram, LinkedIn and YouTube. The Royal Academy of Dance may use information you provide to share updates, news and events, in the form of customised online advertising. If you send us a direct message, your information still remains within the platform unless we ask you to provide us with your contact details to continue the conversation offline or privately, and you consent to do that.
Cookies
Many websites uses ‘cookies’ which are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. We do not use cookies on our website, but we do use Google Analytics which monitors the traffic on our website and helps us to improve it by understanding how information is used and navigated. Google Analytics uses its own cookies to track visitor interactions. These are used to store information, such as what time you visited, whether you have been on the site before, and which site referred you to ours. All cookies set by Google Analytics for our website, send data only to our servers and are not shared with any other sites.
Information is collected anonymously and website trends are reported without identifying individuals.
To provide you with more choice on how your data is collected, Google has developed a browser add-on which allows you to opt out of being tracked by their cookies.
When installed, information about your visit will no longer be sent to them.
More information is available at www.royalacademyofdance.org/cookies.
Your choices and individual privacy rights
You have a choice about whether or not you wish to receive information from us. If you give permission to receive communications about the work of the RAD and our products, services and events, you can select your choices by ticking the relevant boxes on the form on which we collect your information.
We will not contact you for marketing purposes by post, email, or text message unless you have given your explicit permission. You can change your preferences, withdraw your consent, object or ask for processing to be restricted at any time by contacting us by email at info@rad.org.uk or tel +44 (0) 207 326 8070 or writing to Data Protection Officer, Royal Academy of Dance, 36 Battersea Square, London, SW11 3RA.
You have the right to ask for a copy of the personal information that the RAD holds about you. Please contact ipoguedp@rad.org.uk or write to Royal Academy of Dance, 36 Battersea Square, London, SW11 3RA. We will respond to you as soon as possible and usually within one calendar month.
You also have the right to have your information erased, to object and to restrict processing. If you wish to do this please contact ipoguedp@rad.org.ukor write to Royal Academy of Dance, 36 Battersea Square, London, SW11 3RA.
Children
We are particularly concerned to protect the privacy of children. We are confident that our systems and processes are designed to be fair to children, to protect their rights and freedoms, and to be fully in line with their reasonable expectations and those of their parents. We take responsibility for identifying the risks and consequences of processing children’s data. Sometimes we may need to check your age, which might mean we need to contact your parent or guardian.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take the necessary steps to ensure that it’s treated securely. The RAD’s website is built in HTTPS. The principal motivation for HTTPS is authentication of the website and protection of the privacy and integrity of the information exchanged while in transit. So you can be assured that any personal information that requires extra security (such as credit or debit card details) is encrypted and protected using industry standard security measures, including the Secure Socket Layer (SSL) protocol. While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, via email for example and you do so at your own risk.
Once we receive your information, we make all reasonable efforts to ensure its security on our systems. We work with third-party developers and system hosts who meet international security standards including anonymisation scripts.
Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
For processing payments
Where you use your credit or debit card to purchase from us or to make a donation, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Find out more about PCI-DSS. We do not store your card details for use in future transactions.
Links to other websites
Our website may contain links to other websites run by other organisations. This privacy notice applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to Royal Academy of Dance offices in countries outside the European Union (EU). These countries may not have similar data protection laws to the UK. By submitting your personal data, you agree to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Notice.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Questions and complaints
Any questions regarding this Privacy Notice and our privacy practices should be sent by email to ipoguedp@rad.org.uk or telephone +44 (0)207 326 8000.
If you have a complaint about our privacy practices and the way we have collected, used, retained or disposed of your information please contact ipoguedp@rad.org.uk or telephone +44 (0) 207326 8000. Alternatively, you can contact the Information Commissioner’s Office to report a concern by calling their helpline on 0303 123 1113 (in the UK). Alternatively, you can contact the equivalent national privacy authority in your country, if outside the UK.
Privacy Notice review
We review this notice annually or as and when changes in legislation or internal procedures require it. This notice is reviewed by the Information Management Committee, Executive Board and Board of Trustees.
Departmental Privacy Notices
For each area of the RAD’s business we have outlined specifically how we collect, use, store your information and how long we keep it.