Privacy Policy
1. Introduction
At Making Theatre Work (accessible at makingtheatrework.com), we value your trust and are committed to upholding your privacy and protecting your personal data. This Privacy Policy outlines how we collect, use, store, and disclose your information in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Your right to privacy is central to our philosophy. We implement strict safeguards and give you control over your data choices.
2. Scope of the Policy and Role of Data Controller
This Privacy Policy applies to all users of makingtheatrework.com and the services provided through the website. Making Theatre Work is the data controller for the purposes of applicable data protection laws, meaning we determine the purposes and means of processing your personal data. If you have any questions about how your data is collected or used, please contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of data:
– Usage Data: Includes information about how you use our website and services, such as your IP address, browser type, device identifiers, time zone, and pages visited.
– Account Data: Includes details provided when creating or managing an account, such as your full name, mailing address, email address, phone number, and login credentials.
– Profile Data: Includes your preferences, past purchases, behavior in interacting with our content, and any self-reported interests or profile customizations made while using makingtheatrework.com.
– Communication Data: Includes contact form submissions, support inquiries, emails, chat history, and any other communication you have with our team.
– Technical Data: Includes system information such as your device type, operating system, and software configurations necessary to optimize website performance.
– Transaction Data: Includes purchase history, payment method, billing and shipping information, and transaction timestamps.
– Preference Data: Includes your responses to marketing choices, subscribed newsletters, stated interests regarding products and services, and cookie consent data.
4. Legal Bases for Data Processing
We process your personal data only when we have a valid legal basis to do so under applicable data protection laws, including:
– Consent: Where you have granted your consent for specific purposes, such as receiving marketing emails.
– Contractual Necessity: Where processing is necessary to fulfill a contract or to take steps at your request before entering into a contract (e.g., account setup, responding to service inquiries, or processing orders).
– Legitimate Interests: Where necessary for our legitimate business interests, provided those interests do not override your rights and freedoms (e.g., analytics to improve user experience, fraud prevention).
– Legal Obligation: Where required to comply with a legal or regulatory obligation.
5. Your Rights
Under the GDPR and CCPA, you have specific rights in relation to your personal data. These include:
– Right to Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You can request correction of inaccurate or incomplete data.
– Right to Erasure: You may request that we delete your data, subject to certain exceptions.
– Right to Restriction: You may request limited processing of your data under certain circumstances.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format, and transfer that data to another provider.
– Right to Object: You may object to processing of your data in certain situations, especially when based on legitimate interest or for direct marketing purposes.
You may exercise these rights by contacting us directly at [email protected]. We will respond to all requests in accordance with applicable laws.
6. Security Measures
We implement a range of sophisticated security measures to safeguard your personal data from unauthorized access, loss, misuse, or alteration. These measures include but are not limited to:
– Data encryption in transit and at rest
– Role-based access controls and regular access reviews
– Routine security audits and monitoring
– Staff training in data protection best practices
– Secure and encrypted data backups for business continuity
7. International Data Transfers
Your personal information may be transferred, stored, or processed outside of your country of residence, including in jurisdictions that may not offer the same level of data protection. Where such international transfers occur, we use appropriate safeguards, such as the Standard Contractual Clauses approved by the European Commission or another lawful basis under data protection laws, to ensure the continued protection of your data.
8. Data Retention
We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Retention periods vary depending on the type of data:
– Usage and Technical Data: Retained up to 12 months for analytics purposes
– Account and Profile Data: Retained for the lifetime of the account and up to 24 months after closure
– Transaction Data: Retained for 7 years for tax and compliance purposes
– Communication Data: Retained for 24 months
– Preference Data: Retained for the duration of the marketing engagement or until consent is withdrawn
Upon expiration of the applicable retention period, data is securely anonymized or permanently deleted.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience, analyze site usage, and support marketing efforts. Types of cookies used include:
– Essential Cookies: Necessary for basic website functions (e.g., account login, navigation).
– Functional Cookies: Enable enhanced functionality and personalization (e.g., saving language or region preferences).
– Analytics Cookies: Collect information on website usage to help us improve performance and usability (e.g., page visit frequency).
– Performance Cookies: Monitor and optimize the responsiveness of our website under various conditions.
We do not use cookies to track users across unaffiliated websites or to sell personal data.
10. Cookie Management and Compliance
Consent for non-essential cookies is obtained through our cookie banner when you first visit makingtheatrework.com. You may change or withdraw your cookie preferences at any time using our cookie settings interface. In compliance with GDPR and CCPA, we honor browser Do Not Track signals where technically feasible, and we provide opt-out mechanisms for cookie-based tracking where required by law.
11. Children’s Privacy
Making Theatre Work does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will delete that information promptly. If you believe we might have any information from or about a child under 13, please contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy as necessary to reflect changes in our data practices or to comply with legal obligations. Significant changes will be communicated via website notifications or direct email where appropriate. We encourage you to review this policy periodically to remain informed about how we protect your privacy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us at:
Email: [email protected]
Website: https://makingtheatrework.com
We are committed to ensuring your personal data is handled responsibly, transparently, and in full accordance with applicable data protection regulations. Please reach out with any privacy concerns, and we will respond promptly and thoroughly.