Delfont Mackintosh Theatres Privacy Policy

About Us

Delfont Mackintosh Theatres Limited of 1 Bedford Square, London, WC1B 3RB (“Delfont Mackintosh”) is the controller of the personal data described in this Privacy Notice.

This privacy notice covers the processing of your personal data by Delfont Mackintosh. Delfont Mackintosh is required under data protection legislation to notify you of the information contained in this Privacy Notice.

As such, any references in this Privacy Notice to “we”, “our”, “us” etc will be interpreted as a reference to Delfont Mackintosh.

This Privacy Notice applies to the following websites:

delfontmackintosh.co.uk
tickets.delfontmackintosh.co.uk
buytickets.delfontmackintosh.co.uk
gielgudtheatre.co.uk
noelcowardtheatre.co.uk
novellotheatrelondon.info
princeedwardtheatre.co.uk
princeofwalestheatre.co.uk
sondheimtheatre.co.uk
victoriapalacetheatre.co.uk
wyndhamstheatre.co.uk

Our websites are not intended for children, and we do not expect to collect personal data relating to children. As such, this Privacy Notice is written for adults.

What personal data do we hold?

The personal data we hold on you and how we use it will vary depending on the nature of your relationship with us.

We will collect, process and store personal data about you. This personal data may include:

  • the personal data that you provide by filling in forms on our site, including information provided at the time of registering to use our site, purchasing tickets online, providing feedback in our post-visit surveys, filling in our mailing list and hospitality and groups / education online forms (including name, address, contact details, account log-in details and billing/payment information);
  • details of your visits to our site, including records of transactions carried out on the site and the fulfilment of the booking;
  • if you contact us, records of that correspondence;
  • information about the frequency of visits to our websites, the pages you have visited, the length of time spent on our websites and your other activities on, and use of, our websites;
  • video footage captured by CCTV cameras inside and outside our theatres;
  • video and audio footage captured by body worn recording devices used by our outsourced security providers;
  • information relating to your accessibility needs to enable you to visit our theatres; and
  • if you apply to work with us, the information you have provided to us (such as in your curriculum vitae, covering letter, application form and/or during any interview(s)) This may include your name, title, postal address, telephone number, personal email address, date of birth, gender, employment history, and qualifications. We may also collect, store and use more special category personal data about: (a) your race or national or ethnic origin, religious, political, philosophical or moral beliefs, or your sexual life or sexual orientation; and (b) genetic or biometric data, (c) your health (including any medical condition, health and sickness records); and any criminal convictions and offences (together “Sensitive Personal Data”).

We collect the personal data described above directly from you when you send us information (for example, by contacting us or registering with us) or indirectly from you when you visit our theatres or websites for example CCTV or body worn camera footage from inside and outside of our theatres (where CCTV or body worn cameras are in operation, we will display appropriate signs or inform you that your image may be recorded) and from your browsing activities whilst on our websites – (for further information on this, please see our Cookies Notice). If you apply to work with us, we may also collect information from recruitment agencies, the Disclosure and Barring Service (“DBS”) in respect of criminal convictions, and your named referee(s).

How and why do we use your personal data?

We process your personal data so that we can perform our everyday functions, including where you have given your consent, for our legitimate interests and to perform a contract with you.

We only use this personal data in cases in which it is necessary in relation to the offering or provision of the services and/or products that we provide. For example, we may use your personal data: to contact you to discuss our services and products (and any changes to them); to respond to any questions or concerns you have raised; to deal with administrative matters such as invoicing and renewal; and to otherwise carry out our obligations arising under a contract and to enforce the same.

In particular, we use your personal data:

  • Where we have obtained your consent (and before any withdrawal of your consent – see below), including to:
    • meet your needs for accessing our theatres;
    • provide you with information on products or events and other information we think you might ike.
  • Where it is necessary for the performance of a contract with you (or to take steps at your request before entering into a contract). Including to:
    • notify you about changes to our service;
    • create and manage your account with us;
    • provide you with products or services (e.g. tickets or gift vouchers);
    • confirm your booking for a production, and to send you communications in connection with your transaction and the show you attend; and
    • send you emails about your account or a ticket purchase.
  • In line with our legitimate business interests to:
    • ensure that content from our site is presented in an effective manner for you and for your computer;
    • send you emails to ask you if you would like to provide feedback on a show you attended;
    • conduct market research and analysis to better understand trends and patterns in ticket sales, to improve our services, and to inform future marketing activities;
    • enforce legal rights or defend legal proceedings;
    • prevent and detect fraud and other crime (including: (a) protecting our theatres and assets from damage, disruption, vandalism and other crime; (b) to act as a deterrent against crime; and (c) to support law enforcement bodies in the prevention, detection and prosecution of crime);
    • ensure compliance with our rules and procedures; and
    • maintain the security of our theatres and for the personal safety of visitors, staff and other members of the public; and
    • decide, if you apply to work with us, whether to appoint you to the relevant role since it would be beneficial to our business to appoint someone and to enter into an employment contract with you. This may involve assessing your skills, qualifications, and suitability for the relevant role; carrying out background and reference checks, where applicable; communicating with you about the recruitment process; keeping records related to our hiring processes; and complying with legal or regulatory requirements.

We will not use your personal data for any other purposes unless we are required to do so by law, in connection with any legal proceedings or any regulatory obligations, or in order to establish, exercise or defend our legal rights.

Where we have relied on our legitimate interests to process your personal data, this will be where we have a business or commercial reason to use your personal data, provided this is not overridden by your own rights and interest. You may contact us to obtain more information, including in relation to our assessment of the impact on you.

If you are applying to work with us, we will use your Sensitive Personal Data in the following ways:

  • we will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process;
  • we will only use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to enable meaningful equal opportunity monitoring and reporting; and
  • if you are applying to work with us in an eligible role (e.g. a role involving working with children), we envisage that we will collect and process information about your criminal convictions history if we would like to offer you the work (conditional on checks and any other conditions, such as references, being satisfactory). We would carry out a criminal record check (where required or entitled) in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the relevant role. In particular, we would be legally required to carry out a criminal record check for an eligible role involving working with children. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such personal data.

Please note that if you are applying to work with us and you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require a credit check or references for the relevant role and you fail to provide us with the relevant details, we will not be able to take your application further.

Who do we share your personal data with?

Your personal data will be shared internally amongst our staff but they will only use it to carry out their duties in line with the purposes set out above. We will need to share your personal data with others from time to time, including to:

  • any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries;
  • the external third party ‘TixTrack Inc’, a third party provider of ticket software solutions, for the purposes described in the ‘How and why do we use your personal data’ section above;
  • the external third party ‘Microsoft Corporation’, a technology company who provide us with web hosting services and online products and services, for the purposes described in the ‘How and why do we use your personal data?’ section above;
  • other third party providers where appropriate to support the offering and provision of our services and/or products including provision of security, data analytics and website functionality;
  • our professional advisers, such as our accounting, legal advisers where they require that personal data in order to provide advice to us;
  • any court, law enforcement agency or regulatory authority in accordance with our legal obligations;
  • if another entity acquires us or our assets, your personal data may be disclosed to that entity as part of the due diligence process and, if the acquisition goes ahead, your personal data will be transferred to that entity;
  • our group’s service providers for the provision of specific business operations (such as IT service providers, banks and mailing houses, and marketing agencies), but only if we have a written agreement in place with such providers to ensure they take appropriate measures to protect your personal data;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to protect the rights, property or safety of our organisation, our customers or others;
  • to successors in title or replacement operators of all or part of our organisation, subject to the personal data being used for the same purposes as originally specified; and
  • if you are applying to work with us, the DBS, your named referee(s) in order to obtain a reference and/or search/recruitment consultancies.

Our third-party service providers (including, for example, TixTrack Inc, Microsoft Corporation and the DBS) must take appropriate security measures to protect your personal data and must not process it for their own purposes. They can only process your personal data for specified purposes and in accordance with our instructions.

We will occasionally share limited personal data (such as your postcode) and anonymised sales data with third party audience insight agencies who will help us to analyse the demographics of people buying our tickets. This helps us to better understand trends and patterns in ticket sales, improve our services and inform marketing activities (e.g. by ensuring more targeted marketing strategies going forwards). We instruct these third parties not to combine postcode information with any other details that could identify an individual. We also use a third party artificial intelligence solution to analyse responses to post ‐ visit surveys.

Sometimes the producers of our shows will ask us to provide them with information relating to our sales of their tickets so that they can conduct their own market research and analysis for these same purposes. Any information that we provide in these circumstances cannot be used to identify you (as it is non-identifiable, aggregated or anonymised information). For example, this information could include aggregated information that cannot be associated with you about patterns in ticket sales.

Additionally, we might share your personal data with a producer so they can contact you directly about their other shows. Before we share your personal data with any of our producers for direct marketing purposes, we will get your express opt-in consent. We do this when you make a booking online by asking you if you wish your personal data to be shared with the producer of the show you are booking to see. If you do not wish to receive marketing information from the producer, please ensure you do not tick the opt in option. You can ask the producer to stop sending you marketing at any time. The producer will become the Controller of the personal data that we provide and, as such, will be responsible for handling it in a way that complies with data protection legislation. You should refer to their privacy notice for further information regarding their use of your personal data. Our current list of producers can be found here.

When making a booking online, you will be asked if you wish to be sent information about other productions in our theatres. You will also be asked if you wish to receive information from other carefully selected Arts / Cultural third party organisations. If you do not wish to receive marketing information from Delfont Mackintosh, our group or from third party organisations, please ensure you do not tick the opt in option. You can opt out of these marketing communications at any time.

We never disclose personal data to third party advertisers without your consent. Delfont Mackintosh is not responsible for the content or data protection / privacy policies of third party websites connected to our site.

Where and how is your personal data stored and kept secure?

Your personal data is stored on servers located within the UK and/or the EEA. From time to time, it may be necessary for us to transfer your personal data out of the UK where, for example, electronic services and resources are based outside of the UK or to service providers that carry out certain functions on our behalf. Whenever we transfer your personal data out of the UK to service providers, we ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are in place: We will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data or where there are appropriate safeguards in place.

We have appropriate security measures to prevent your personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How long will we keep your personal data?

We retain your personal data for no longer than is necessary for the purposes for which the personal data is collected. When determining the relevant retention periods, we will take into account factors including:

  • legal obligation(s) under applicable law to retain data for a certain period of time;
  • statute of limitations under applicable law(s);
  • (potential or actual) disputes; and
  • guidelines issued by relevant data protection authorities.

Otherwise, we securely erase or anonymise your personal data once it is no longer needed.

Please note that if you are applying to work with us, we will retain your personal data for a period of up to 12 months after the closing date for the relevant application, unless your application is successful (in which case we will keep your personal data for longer). We retain your personal data for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal data in accordance with applicable laws and regulations.

Your rights

You have the following rights regarding your personal data :

1 Right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Privacy Policy.
2 Right of access
You have the right to obtain access to your information (if we are processing it), and other certain other information (similar to that provided in this Privacy Policy).
3 Right to rectification (or correction)
You are entitled to have your information corrected if it is inaccurate or incomplete.
4 Right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5 Right to restrict processing
You have rights to ‘block’ or suppress further use of your information in certain circumstances (for example, if you contest the accuracy of the information). When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6 Right to data portability
You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
7 Right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful).
8.Right to object to processing
In addition to the above rights, you also have the right to object to certain types of processing, in certain circumstances. In particular, you have the right to object at any time to the processing of your personal data for direct marketing and in other situations, such as where we use your personal data for our legitimate interests.

To exercise any of these rights at, any time, you can contact us using the details set out at the end of this Privacy Notice. When contacting us, please (a) provide enough information to identify yourself and any additional identity information we may reasonably request from you; and (b) let us know which right(s) you want to exercise and the personal data to which your request relates.

Changes to this Privacy Notice

From time to time we may make changes to this Privacy Notice to ensure that it is accurate and up to date and to reflect any changes in the law. This Privacy Notice was last updated on 20 December 2024.

We are constantly looking for new ways to improve this website, and we may update it at any time.

It is important that the personal data we hold about you is accurate and current. To this end, please do keep us informed if your personal data changes during your relationship with us.

Contacting us and making a compliant

Please do contact us if you have any requests, questions or complaints about this Privacy Notice or about how we handle your personal data by post, email or telephone using the following details:

Address: 1 Bedford Square, London, WC1B 3RB

Email: Customer Services

Call Us on 0344 482 5151

Calls to Delfont Mackintosh Theatres 03 numbers cost no more than a national rate call to an 01 or 02 number.

If you are calling from overseas, please use the following:

Call Us on +44 20 7741 6222

We hope we will be able to resolve any issues you have but if you are not satisfied with our response or you believe our use of your personal data does not comply with data protection law, you can also make a complaint to the UK regulator in relation to data privacy, the Information Commissioner. The Information Commissioner may be contacted on www.ico.org.uk or by telephone at 0303 123 1113.