Privacy Policy

PRIVACY POLICY

1. Commitment to Privacy and Data Protection

At theatrhafren.com, we are deeply committed to protecting and respecting the privacy and personal data of our users. We view data protection as a fundamental right and adopt a privacy-first approach in all our services and operations. This Privacy Policy outlines how we collect, use, store, disclose, and protect your personal information when you visit our website or otherwise engage with us. We are dedicated to ensuring the confidentiality, integrity, and lawful handling of personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all visitors and users of the website theatrhafren.com and any interactions you have with us through online platforms or by contacting us directly.

Theatr Hafren is the data controller with respect to the personal data we collect and process via this website. As data controller, we determine the purposes and means of processing your personal data in line with applicable legal obligations and user-centric privacy principles.

If you have any questions regarding this policy or your personal data, you may contact us at [email protected].

3. Categories of Data Processed

We may process various categories of personal data depending on your interactions with our website and services:

a) Usage Data
We may collect data on how you interact with the website, including your browser type, IP address, session timestamps, referring URLs, pages visited, time spent on pages, and other analytical data. This information helps us improve website functionality and user experience.

b) Account Data
When you register an account or purchase tickets, we collect information such as your full name, billing or residential address, email address, and telephone number.

c) Profile Data
This includes details about your interests, event preferences, past purchases, and interaction behaviors that help us tailor services to your interests.

d) Communication Data
We record and may store communications sent to or from us, including customer support queries, email correspondence, and feedback forms, to ensure service quality and responsiveness.

e) Technical Data
We may collect your device type, hardware model, operating system, browser settings, network type, and configuration data related to system diagnostics and website performance metrics.

f) Transaction Data
If you make purchases, such as tickets or merchandise through theatrhafren.com, we collect payment information, billing details, and any relevant delivery or logistical data necessary to complete your transaction.

g) Preference Data
We store preferences related to your communication and marketing settings, such as newsletter subscriptions, product interest categories, notification settings, and your consent status for direct marketing communications.

4. Legal Bases for Processing

We process personal data only when permitted under applicable data protection laws. Our lawful bases include:

– Consent: Where you have given clear permission for us to process your personal data for specific purposes, such as subscribing to newsletters.
– Contractual Necessity: When the processing is necessary for the performance of a contract, such as fulfilling a ticket purchase order.
– Legitimate Interest: Processing necessary for our legitimate interests, such as improving our services, preventing fraud, and ensuring website security, provided such interests are not overridden by your data protection rights.
– Legal Obligation: Where processing is necessary to comply with legal requirements, such as tax or transaction records.

5. Your Rights

Subject to applicable data protection laws (including GDPR and CCPA), you have the following rights in relation to your personal data:

– Right of Access – You may request confirmation as to whether we are processing your personal data and obtain a copy of it.
– Right to Rectification – You have the right to correct any inaccurate or incomplete data we hold about you.
– Right to Erasure – You can request that we delete your personal data under certain conditions.
– Right to Restrict Processing – You may request the restriction of processing where there is a dispute regarding the accuracy or legal basis of the data.
– Right to Data Portability – You may request that we provide you or a third party with a copy of your data in a structured, commonly used, and machine-readable format.
– Right to Object – You may object to the processing of your personal data when it is based on legitimate interests or used for direct marketing purposes.
– Right to Withdraw Consent – Where processing is based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

To safeguard your personal information, we implement robust technical and organizational security measures, including:

– Secure encryption protocols (HTTPS, TLS) for data in transit.
– Role-based access controls for internal personnel handling personal data.
– Routine automated and manual system backups.
– Continuous monitoring for unauthorized access or unusual activity.
– Staff training on data protection obligations and security awareness.

We strive to protect your data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

7. International Transfers

If and when personal data is transferred outside the United Kingdom or the European Economic Area (EEA), we ensure appropriate safeguards are in place. This may include the use of Standard Contractual Clauses approved by the European Commission or other mechanisms that provide adequate protection under GDPR. For residents in California and the wider U.S., we commit to handling data according to CCPA principles and regional requirements.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting obligations. Standard retention periods include:

– Account information and purchase history: 7 years after last account activity.
– Communication records: Up to 3 years from the last correspondence.
– Marketing and preference data: Until you withdraw consent or unsubscribe.
– Technical and Usage Data: Retained for 12 months before anonymization.

After the expiry of retention periods, data will either be securely deleted or anonymized for analytical use.

9. Cookie Policy

We use cookies and similar technologies on theatrhafren.com for multiple purposes, including:

– Essential Cookies: Required for core site functionality and security.
– Functional Cookies: Enable site enhancements such as language preferences.
– Analytics Cookies: Help us understand website traffic and user behavior with tools such as Google Analytics.
– Performance Cookies: Monitor and improve website speed and response rates.

You may encounter both first-party (set by us) and third-party cookies (set by service providers).

10. Cookie Management and Compliance with GDPR & CCPA

Upon your first visit to theatrhafren.com, a cookie banner enables you to accept or refuse non-essential cookies in compliance with GDPR and CCPA. You may adjust your cookie preferences or withdraw consent at any time via the site’s Cookie Settings or your browser controls.

California residents have the right to opt out of the sale of personal information. We do not sell your personal data, including cookie-related identifiers.

11. Special Protections for Children Under 13

Our services are not directed at, nor intentionally collect personal information from, children under the age of 13. If we become aware that such information has been inadvertently collected, we will delete it promptly. Parents or guardians who believe that we may have collected personal information from a minor should contact us immediately at [email protected].

12. Policy Updates and User Notifications

We may update this Privacy Policy from time to time to reflect changes in legal, technical, or operational standards. Any material changes will be communicated via the website or via email when appropriate so that you remain informed about how we protect your data.

We encourage you to review this policy periodically to stay informed of your rights and our obligations in handling your personal information.

13. Contact Information

If you have any questions, requests, comments, or concerns regarding this Privacy Policy or how we handle your personal data, please contact us using the following details:

Email: [email protected]
Website: https://theatrhafren.com

We are committed to upholding your privacy and working to resolve any issues or inquiries regarding your personal data in a fair, transparent, and timely manner.

This Privacy Policy is designed to comply with the GDPR, CCPA, and other applicable data protection regulations. Please contact us should you have any privacy concerns or wish to exercise your rights.