Soho Estates takes your privacy seriously. That is why we will only use your personal information to provide you with the services that you have requested, as well as to administer your account. We will not sell or share your information with third parties unless you grant us explicit permission to do so, and we will never use your personal data for any reason other than the purposes described within this policy.

About our privacy policy

Our privacy policy outlines your relationship with Save Soho Summer Festival. It explains in detail how we use the information that you provide us with.

About Soho Estates

Soho Estates is a company registered in the United Kingdom (Company Number 473566) and also registered with the UK’s Information Commissioner’s Office under the Data Protection Act 2018. The data controller is Soho Estates, and we encourage you to get in touch with any questions you may have about the company.

You can reach us by:

• Post: Soho Estates, 58 Wardour Street, London, W1D 4JQ
• Email: info@sohoestates.co.uk
• Website: https://sohoestates.co.uk/
• Phone: 0207 534 3333

Changing your preferences

If you’d like to change your web, contact or marketing preferences, you can do so online at any time.

How we do business

Soho Estates is committed to upholding and maintaining your personal rights. We operate our business in-line with the European Union’s General Data Protection Regulation (GDPR) and observe your rights to change or withdraw your opt-in options at any time. As part of our ongoing commitment to upholding your rights, Soho Estates will also extend advice on how you can issue formal complaints to relevant authorities, such as the Information Commissioner’s Office.

Sensitive data

Soho Estates does not collect any sensitive data about you. Sensitive data refers to (but is not limited to) information about your race or ethnic background, religious or political affiliations, trade union affiliations, sexual orientation, criminal background or health background.

Who our privacy policy applies to

This privacy policy has been developed to inform users of Save Soho Summer Festival how we use their data. Soho
Estates is a company who focuses its support on charities and projects in the local area, tackling issues affecting the communities within Soho. As well as charitable giving, we donate space in vacant units for non-profit and community organisations and start-ups, who contribute to the energy and creative spirit of the neighbourhood, and may otherwise be unable to afford to operate in the area. We also support special events, festivals and markets. As such, we need to process the data of individuals to offer our services and with this in mind, our privacy policy applies to any and all individuals registered with us as a user, customer, agent, administrator or in any other capacity.

What information this policy applies to

There is a lawful basis for processing your data, and this section of our privacy policy outlines how this applies to the personal information you provide us with or allow us to collect.

The information this policy applies to includes information that you:

• Provide as part of any registration process
• Provide as part of any campaign creation activity
• Provide as part of any support that we provide you
• Provide in the form of numerical data, metadata or communications
• Give us as part of our ongoing relationship

This policy also applies to information that we:

• Collect relating to how you interact with our website

Your rights

Under the terms of data protection legislation, you have the following rights as a result of using this website.

Right to be informed

This privacy policy, together with our cookies policy, fulfils our obligation to tell you about how we use your
information as a result of you using this website.

Right to access

You have the right to ask us, in writing, for a copy of any personal data that we hold about you. This is known as a Subject Access Request. Subject Access Requests usually are performed free of charge. Still, we may need to charge individuals for excessive or unreasonable data requests. We will send you a copy of the information within 30 days of your request.

To make a Subject Access Request, please write to our Data Protection Officer at Soho Estates, 58 Wardour
Street, London, W1D 4JQ.

Right to rectification

If any of the information that we hold about you is inaccurate, you can either:

• visit your profile section of the website where you can make online changes to most of the information that we hold about you, or
• contact our Data Protection Officer at dpo@sohoestates.co.uk. Any corrections that you request will be made as soon as possible, and certainly no later than 30 days following
  your notification.

Right to be forgotten

You can ask that we erase all personal information that we hold about you. Where it is appropriate that we comply, your request will be fully actioned within 30 days. For further information, please contact our Data Protection Officer at dpo@sohoestates.co.uk.

Right to object

You have the right to object to:

• the continued use of your data for any purpose listed in the “Data processing and storage “section of this
  privacy policy for which consent is identified as the lawful basis of processing (i.e. you have the right to
  withdraw your consent at any time); or
• the continued use of your data for any purpose listed in the “Data processing and storage” section of this
  privacy policy for which the lawful basis of processing is that it has been deemed legitimate.

In some circumstances (i.e. consent to marketing communications), you can exercise your objection by updating your preferences within your profile section of this website. For all other circumstances, you can contact our Data Protection Officer at dpo@sohoestates.co.uk.

Please note that you can also exercise your right to object to our use of cookies by following the guidance of our Cookies Policy.

Right to restrict processing

If you wish us to limit the use of your data because (i) you think it is inaccurate, but this will take time to validate, (ii) you believe our data processing is unlawful, but you do not want your data erased, (iii) you want us to retain your data to establish, exercise or defend a legal claim, or (iv) you wish to object to the processing of your data, but we have yet to determine whether this is appropriate, please contact our Data Protection Officer at dpo@sohoestates.co.uk.

Right to data portability

If you would like us to move, copy or transfer the data that we hold about you to another organisation, please contact our Data Protection Officer at dpo@sohoestates.co.uk.

Please be advised that this only applies to specific data which has been submitted by you electronically for specific purposes only. Our Data Protection Officer can provide further advice.

Consent

Please note that when you submit personal data on our website, you are giving Soho Estates your explicit consent that we can use that data in line with our privacy policy.

Opting-out

After giving Soho Estates your consent, you are free to amend your consent or withdraw your consent at any time. You have the right to object to the processing of your data. To opt-out, change your preferences or revoke your consent, simply contact us by emailing our Data Protection Officer at dpo@sohoestates.co.uk.

Data processing and storage

Soho Estates collects and stores data in the UK. We will store your data for no more than 3 years after your last
recorded login attempt unless otherwise noted and explicitly stated.

Soho Estates may process your data based on more than one legal ground.

Circumstances under which we may be required to process your data under more than one legal ground may
include:

Marketing and communications

Soho Estates may send you marketing communications if you have given us your contact details and opted-in to marketing communications.

You can opt-out of these marketing communications and manage your preferences at any time.

Our obligations

As a data controller, Soho Estates is legally responsible for the data you provide us with. In honouring that responsibility, we pledge to uphold our commitments under GDPR and the Data Protection Act 2018.

We will only ever use your data:

• In ways that are both fair and legal
• As described within this policy
• In ways that are necessary for the purposes described

Also, Soho Estates processes the personal data you submit to us, or we collect as a data processor. As part of this role, Soho Estates takes all necessary precautions to secure the personal data we collect, process and store.

We may occasionally use the data you provide us with for marketing, relationship management or account management activities. These activities are designed to ensure you have adequate information about other services we offer, that we have reason to believe you may be interested in. You have the right to opt-out of these activities at any time.

Third parties

Soho Estates never shares your personal data with third parties unless those parties have been explicitly mentioned within our privacy policy.

Our security

As part of our ongoing commitment to GDPR, Soho Estates will report any security breaches or attempted breaches to the relevant authorities within 24 hours. We will subsequently contact all those affected by the breach within 72 hours of its occurrence.

Legitimate interests

As part of the Data Protection Act 2018, Soho Estates observes the right to share selected information with third parties that use data for non-marketing purposes. This could include (but is not limited to) organisations that provide credit assessments, identification services and fraud prevention activities.

Contact us

Soho Estates is committed to upholding your rights. If you have any questions, comments or concerns about this privacy policy or wish to exercise your rights concerning your personal data, please email our Data Protection Officer at dpo@sohoestates.co.uk.

Date: 1^st June 2020