Data Protection Policy

May Hill Edition sells sheet music, runs events for recorder players, and sends out an occasional newsletter about our activities.

1. Data is collected via our website and from emails purely for the purpose of running our activities:

  • Managing our music sales.
  • Managing and informing people about our events
  • Managing our newsletters

No data is passed on to third parties.

2. Data collected is name and contact details. Additional notes may be collected, typically information about availability or special requirements in relation to our events.

3. We do not normally deal with children under 16, but if we do this would always be via their parents who always remain responsible for supervising them at all times they are in contact with us in any way.

4. We are not required to register with the Information Commissioner’s Office as we are exempt under their rules. See below.

5. This policy is available on our website: www.mhe.co.uk

6. We assume that the information we are given is correct, but will amend it in our records where reliably informed it is incorrect.

7. To any person on whom we hold data, we will provide information about the contents of that data. There is currently no charge for this.

8. We normally retain data to inform people of such things as new events or publications but will delete it on request, except where there are outstanding matters in relation to sales or events.

9. We will endeavour (within the limits of our resources as a very small business) to provide data we hold in forms to those who have a right to possess it in a form which is portable.

10. Where people object to the processing by us of their data, we will normally delete it, but in exceptional circumstances may take other action – see point 8 above.

11. Data may be shared with such organisation as venues, in as far as it is necessary to facilitate the organisation of events, but it is made clear to such organisations that such data may not be disclosed to other parties, and may not be used for any other purposes.

12. We have no procedures which involve automated decision making including profiling.

13. We have a Data Protection Policy (this policy), and regularly review it (at least every year).

14. We have no contracts with outside organisations for the processing of data.

15. Data is held and accessed securely, using standard methods which are kept up to date. We do not make public how we store data, for security reasons.

18. No data that we hold is held or transferred outside the UK.

 

 

 

We are not registered with the Information Commissioner’s Office as, in accordance with the checklist on their website and their advice:

“You do not have to register if the organisation was established for not-for-profit-making purposes and does not make a profit or if your organisation makes a profit for its own purposes, as long as the profit is not used to enrich others.

You must:

  • only process information necessary to establish or maintain membership or support;
  • only process information necessary to provide or administer activities for people who
    are members of the organisation or have regular contact with it;
  • only share the information with people and organisations necessary to carry out the
    organisation’s activities,
  • only keep the information while the individual is a member or supporter or as long as
    necessary for member/supporter administration”