PRIVACY POLICY

Introduction

Music Canteen respects your privacy and understands that privacy is important to you and that you care about how information about you is used, so this privacy policy sets out details about what data we collect and how we use it.

Visitors to our websites

Where we collect personal data via our website, we will be upfront about it and it will be obvious to you that you’re providing personal data and how we will be using it. Our website uses a CMS (content management system) hosted on our own dedicated servers.

Google Analytics

When someone visits our website (http://www.musiccanteen.co.uk) we make use of the Google Analytics service to collect standard information about visitors to the sites and their behaviour (e.g. what pages they viewed). The data provided by Google Analytics is anonymised and in no way enables us to identify individual visitors, however, Google Analytics will place a cookie on your device to enable the service. For more information about how Google Analytics cookies work on websites visit: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage. We also make use of the Facebook Pixel in order that we can use Facebook as a means of marketing to potential customers.

Use of cookies

As well as the Google Analytics cookies we also use cookies in a number of ways to improve the performance of our site. You can read more about how we use Cookies in our Cookies Policy.

Online forms

If you fill out one of our contact forms on our website a notification email is sent to the relevant team within Music Canteen, but the data you supply is stored within a database on the same private server network as our website. 

Online orders

When you place an order via our website we will ask for your name, address, contact information and other information relevant to the order. This information will only be used for the purposes of delivering the services we are providing; however, data may be shared with third party service providers for the purposes of delivering the service (e.g your details will be shared with delivery companies.)

Hosting

Where your data is stored on our own servers, it is stored on our own dedicated hardware. This hardware is co-located, in the UK, at the ISO27001 RapidSwitch/Iomart data centre in Portsmouth. None of your data is stored or transferred outside the UK and therefore not transferred outside the EEA.

Security

We manage the security of our services and therefore your data ourselves. 

Customer data

All the data we hold on our customers is available via our site http://www.musiccanteen.co.uk. Where you have completed a Booking Form and sent this to us physically, this is stored in a locked cabinet is only accessible to the relevant members of staff.

Our newsletters

We use MailChimp or Campaign Monitor for delivering our email newsletters. As noted above we make use of a tracking cookie to track the way our newsletters are read. Only your name and email address are ever shared with these services. Every time you receive our email newsletter we will include a link to enable you to unsubscribe should you wish to stop receiving them. We honour such requests.

Call our office

If you call our support line, we will already have your information stored in our customer database. We may use this information to verify your identity before helping with your enquiry. We will update our records with details of your query and if required note information that was given to you. If you call our us and are a potential customer, we will ask for the minimal information we need to provide any information relating to your call. The details will be stored in our CRM for the purposes of following up with you further to the discussion; if you become a customer your details will be stored in our CRM (Customer Relationship Management) System.

Email

Any emails we receive are stored locally on our computers within our email client. Access to them is protected via Windows User accounts and we also use Windows Encryption. We also scan the email for viruses when it arrives on our servers and again before it is delivered to our local computers. All our email services are provided by Office 365.

Social Media

We use a third-party provider, Hootsuite, to manage our social media accounts. We primarily use Hootsuite for the purposes of sharing our marketing messages across our social media platforms (the ones supported by Hootsuite). However, from time to time we may make use of additional Hootsuite functionality which allows us to use Hootsuite to collect together certain aspects of your personal data available to us via our connections on social media. More information about this functionality in Hootsuite can be found here: https://hootsuite.com/legal/privacy#customer-content

Employee data

When someone joins our team, we will only collect and ask for personal information that is required for being an employee. We will keep these records during your employment and for up to 6 years after termination of your employment. We will also keep your payroll records up to 7 years. If we record working time records, we retain these for 2 years and any immigration check information for 2 years. All the information will be stored, within our systems, securely.

Recruitment

If you send us application forms or your CV, we will keep the information for as long as we’re considering your application. If you become an employee, the information will be added to your personnel file and kept in line with our policy on keeping employee records. If your application is unsuccessful we will delete the information after 6 months unless you consent to us retaining them for any longer (for example for any future opportunities). All the information will be stored, within our systems, securely.

Retention

Unless stated elsewhere in this document or in our terms of services we only store the data necessary to provide the services we provide to you. We will keep this data for as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal obligation to retain the information, whichever is the longest).

Third party processors

We use a small number of third party applications in order to manage our business. These include:
  • CRM (Customer Relationship Management)
  • Email Marketing (MailChimp and Campaign Monitor)
  • Email System (via Office 365)

Your rights

Under current data protection legislation in the UK, you have rights as an individual which you can exercise in relation to the data we store and process about you. You can find more information about your rights on the Information Commissioner’s website: https://ico.org.uk/for-the-public/

Complaints

If you want to make a complaint about the way we are processing your data, you can contact us, using the contact details below. You also have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns

How to withdraw consent and object to processing

Where we are processing your data and needed to ask your permission to do so, you are able to withdraw your consent at any time. If you wish to stop receiving our marketing emails you can do so, by clicking on the “unsubscribe” link at the bottom or the email. Otherwise, you can contact us, using the contact details below. If you wish to raise concerns about the way we are processing your data and would like to raise an objection, then please email us via hello@musiccanteen.co.uk 

Keeping your data up to date

It is important that any of your data that we process is kept up to date. We will from time to time ask you to verify your contact details but if you wish to update any information we hold about you, please contact us using the contact details below.

Erasure of your data (the “right to be forgotten”)

Under some circumstances you may request us to delete your data from our systems. Where this is possible (e.g. we don’t have any legal purpose for continuing to process your data) we will erase it from our systems. If you wish to exercise your right to be forgotten by our services, please contact us via the contact details below.

Portability

Your right to portability allows you to request a machine-readable export of the data you supplied to us and associated service logs (where we store them). Please contact us, using the contact details below, if you wish to receive a txt export of your data.

Access to your data

You have the right to ask us about what data we hold about you, how we process it and provide you with a copy of the information, free of charge and within one month of your request. To make a request for any personal information we hold and process about you, we would prefer it if you could put it in writing or in an email to the addresses below. We will need to verify your identity before providing the information and where necessary may contact you further to ensure we understand what data you are requesting.

Disclosure of information

We do not share any personal data with any third parties unless it is lawful for us to do so or if we are required by law to do so.

More information

For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk

How to contact us

If you have any questions about how we collect and use your information not covered in this privacy policy, or if you wish to speak to someone about our approach to data protection and privacy, please contact: Music Canteen, 317 - 321 Fleet Road, Fleet, Hampshire, GU51 3BU Tel: 01252 620198

Changes to our privacy policy

We may change or update elements of this privacy policy from time to time or as required by law. The most current version of our privacy policy is available on our website at https://www.musiccanteen.co.uk


 

COOKIES

Our website uses cookies. We will ask you to consent to our use of cookies in accordance with the terms of this policy when you first visit our website. / By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.

About Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser, and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies can be used by web servers to identity and track users as they navigate different pages on a website and to identify users returning to a website.

Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies on this Website

We use both session cookies and persistent cookies on this website.

  1. ASP.NET_SessionId - standard ASP.NET cookie containing the user's session ID.
  2. ASPXFORMSAUTH (encrypted authentication ticket)[DateTime.Now.AddMinutes(timeOut/session.timeout) - where the timeout is the web.config parameter DateTime.Now.AddYears(1) - if the Remember me checkbox is set on] - authentication ticket cookie.
  3. CMSPreferredCulture (culture code)[DateTime.Now.AddYears(1)] - the user preferred culture.
  4. CMSPreferredUICulture (culture code)[DateTime.Now.AddYears(1)] - the user preferred UI Culture.
  5. ViewMode (int)[DateTime.Now.AddDays(1)] - different number value for the Design mode, Live site, etc.
  6. VisitorStatus (int)[DateTime.Now.AddYears(1)] - sets the visitor status (unknown/first visit/more visits).
  7. CurrentVisitStatus (int)[DateTime.Now.AddHours(23)] - current visit status (throughout current day).
  8. PropertyTab (int)[DateTime.Now.AddDays(1)] - current property tab.
  9. CMSShoppingCart (GUID)[DateTime.Now.AddYears(1)] - shopping cart GUID.
  10. CMSMobileRedirected (true/false)[DateTimeHelper.ZERO_TIME] - sets the redirected cookie to see what device is being used.
  11. CurrentTheme (current CSS stylesheet Name)[DateTime.Now.AddDays(1)] - current theme cookie.
  12. Campaign (campaign string)[DateTime.Now.AddDays(1)] - User campaign reference.
  13. UrlReferrer (url string)[DateTime.Now.AddDays(1)] - User URL referrer.
  14. DisplayContentInDesignMode (true/false)[DateTime.Now.AddYears(1)] - If true, web part content should be displayed in design mode.
  15. FormState (int - id)[DateTime.Now.AddMinutes(10)] - For a check if the form state needs to be restored.
  16. VotedPolls (ints and pipes)[DateTime.Now.AddYears(1)] - content will be list of the poll codenames user already voted to; separated by pipes.
  17. DocRated (ints and pipes)[DateTime.Now.AddYears(1)] - stores rated document IDs; separated by pipes.
  18. PostAnswer (string and colon)[DateTime.Now.AddMonths(1)] - list of answers.
  19. UserWords (strings with pipes)[DateTime.Now.AddMonths(1)] - stores user words for the SpellChecker; separated by pipes.
  20. FACEBOOK (cookies are being set via the Facebook application): - value from the Settings in the Site Manager - Site Manager -> Settings
  21. -> Facebook Connect
  22. _expires (hash)[at the end of relation] - When the current session expires. This is usually an hour or two after it's granted. If it's 0, then it means the session does not expire.
  23. _session_key (hash)[at the end of relation] - The current session. This is used to make API requests.
  24. _ss (hash)[at the end of relation] - The session secret. This prevents someone who knows your session key from using the session.
  25. _user (hash)[at the end of relation] - The user ID of the currently logged in user.
  26. (hash)[at the end of relation] - The signature, which will be generated from all other parameters.
  27. fbsetting_ (hash)[1day] - The last cookie is not related to the signature validation (which is why it does not start with the APIKEY prefix). It is used to cache the login state between page loads, so that the XFBML rendering does not have to wait for a round trip to Facebook before starting.
  28. WINDOWS LIVE ID (cookies are being set via the application)
  29. MSPAuth (hash)[the end of the relation]
  30. MSPProf (hash)[the end of the relation]
  31. OPEN ID (cookies are being set via the application)
  32. __openid_selector_uname (string)[1 year]
  33. __openid_selector_op_id (int)[1 year]
  34. __openid_selector_openid (string login URL)[1 year]

How we use Cookies

Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked, by us, to the information stored in and obtained from cookies.

We may use the information we obtain from your use of our cookies for the following purposes:

  1. to recognise your computer when you visit our website;
  2. to track you as you navigate our website, and to enable the use of the [specify feature – e.g. shopping cart] on our website;
  3. to improve the website’s usability;
  4. to analyse the use of our website;
  5. in the administration of this website;
  6. to prevent fraud and improve the security of the website;
  7. to personalise our website for you, including targeting advertisements which may be of particular interest to you.

Third party cookies

When you use our website, you may also be sent third party cookies.

Our advertisers/service providers may send you cookies. They may use the information they obtain from your use of their cookies:

  1. to track your browser across multiple websites;
  2. to build a profile of your web surfing;
  3. to target advertisements which may be of particular interest to you.

In addition, we use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users' computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google's privacy policy is available at: http://www.google.com/privacypolicy.html.

Our advertising services providers may send you cookies for the purpose of enabling the service of advertisements based on your previous visits to our website.

Cookie Preferences

You can manage your preferences relating to the use of cookies on our website by visiting: [URL].

Blocking cookies

Most browsers allow you to refuse to accept cookies. For example:

  1. in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector;
  2. in Firefox you can block all cookies by clicking "Tools", "Options", and un-checking "Accept cookies from sites" in the "Privacy" box.

Blocking all cookies will, however, have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use the My Account or Shopping Cart Facilities on this website.

Deleting cookies

You can also delete cookies already stored on your computer:

  1. in Internet Explorer, you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835);
  2. in Firefox, you can delete cookies by, first ensuring that cookies are to be deleted when you "clear private data" (this setting can be changed by clicking "Tools", "Options" and "Settings" in the "Private Data" box) and then clicking "Clear private data" in the "Tools" menu.

Doing this may have a negative impact on the usability of many websites.

Contact Us

If you have any questions about our cookies or this cookies policy, please contact us.

Cookie Consent

In order to provide complete functionality, this web site needs your explicit consent to store browser cookies. If you don't allow cookies, you may not be able to use certain features of the web site including but not limited to: log in, buy products, see personalized content, switch between site cultures. It is recommended that you allow all cookies.