top of page

We Need Music CIC
Privacy and Data Protection Policies

​We Need Music CIC

Privacy Policy

 

At We Need Music CIC, we value your privacy and are committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit our website and interact with our services.

1. Information We Collect

We collect personal information that you provide to us directly through forms, email subscriptions, and other means of communication on our website. This may include:

  • Personal Identification Information: Name, email address, phone number, mailing address.

  • Payment Information: If you make a donation or purchase, we may collect payment details (Note: Wix and its payment processing partners handle financial transactions securely).

  • Usage Data: Information about how you interact with our website, such as IP addresses, browser type, device type, and pages visited.

2. How We Use Your Information

The information we collect from you may be used in the following ways:

  • To respond to your enquiries, comments, and requests.

  • To provide and improve our services.

  • To send you newsletters, updates, and marketing communications (only if you’ve opted-in).

  • To process donations or purchases.

  • To enhance the user experience on our website by analysing usage data.

3. Data Protection and Security

We use industry-standard security measures to protect your personal information from unauthorised access, alteration, or disclosure. However, no method of internet transmission or electronic storage is 100% secure, and we cannot guarantee absolute security.

4. Sharing Your Information

We will not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

  • With service providers who help us run our website and provide our services, such as Wix and payment processors.

  • When required by law or to protect the rights, property, or safety of We Need Music CIC, our users, or others.

  • With your consent, if you have agreed to share your information for a specific purpose.

5. Cookies and Tracking Technologies

We use cookies and other tracking technologies to improve your experience on our website. Cookies help us remember your preferences, track site usage, and analyze website performance.

By using our website, you consent to the use of cookies. You can manage your cookie preferences through your browser settings.

6. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

  • The right to access the data we hold about you.

  • The right to correct any inaccuracies in your personal information.

  • The right to request the deletion of your personal data (subject to legal obligations).

  • The right to withdraw consent to processing (where applicable).

If you wish to exercise any of these rights, please contact us at [your contact email].

7. Third-Party Links

Our website may contain links to third-party websites. These websites have their own privacy policies, and we are not responsible for their content or privacy practices. Please review their privacy policies before providing any personal information.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and we encourage you to review it periodically. Your continued use of the website after any changes indicates your acceptance of the updated policy.

9. Contact Us

If you have any questions or concerns about our Privacy Policy or how we handle your personal data, please contact us at:

We Need Music CIC
Email: info@weneedmusic.org

Phone: 07349904889

​

​

We Need Music CIC

GDPR Data Protection Policy

Last updated: 7th February 2025

Next update due: 7th February 2026

 

We Need Music CIC is committed to protecting the privacy and security of personal data and complying with the General Data Protection Regulation (GDPR). This policy sets out how we collect, store, use, and protect personal data in compliance with GDPR principles.

Purpose of this Policy

The purpose of this policy is to ensure that We Need Music CIC handles all personal data responsibly, lawfully, and transparently, and to ensure that all employees, volunteers, and stakeholders understand their responsibilities in relation to data protection.

Scope

This policy applies to:

  • All employees, volunteers, directors, and contractors of We Need Music CIC,

  • Any third parties or organisations that process personal data on our behalf,

  • Any personal data we collect, process, or store, whether in digital or physical format.

Definitions

Personal Data: Any information that can identify a living individual, such as names, contact details, or other identifiers.

Sensitive Data (Special Category Data): Personal data that is particularly sensitive, including information about race, ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health, or sexual orientation.

Processing: Any action performed on personal data, such as collection, storage, use, or deletion.

Data Subject: The individual whose personal data is being processed.

Data Protection Principles

We are committed to adhering to the following principles under GDPR:

  1. Lawfulness, fairness, and transparency: We will process personal data lawfully, fairly, and in a transparent manner.

  2. Purpose limitation: Personal data will only be collected for specified, legitimate purposes and not further processed in ways incompatible with those purposes.

  3. Data minimisation: We will ensure that the personal data we collect is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

  4. Accuracy: We will take reasonable steps to ensure that personal data is accurate and kept up to date.

  5. Storage limitation: Personal data will not be kept in a form that allows identification of data subjects for longer than is necessary for the purposes for which the data is processed.

  6. Integrity and confidentiality: We will process personal data in a manner that ensures its security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.

  7. Accountability: We will be accountable for our data processing activities and ensure compliance with this policy.

How We Collect Personal Data

We collect personal data in a variety of ways, including:

  • When individuals sign up for our services or events,

  • Through forms submitted in person or online (e.g., contact forms, registration forms),

  • From communication with individuals (e.g., via email, phone, or social media),

  • Through our employees, contractors, and volunteers as part of their work with the organisation.

What Personal Data We Collect

The types of personal data we may collect and process include:

  • Contact details: Name, address, email, phone number.

  • Demographic data: Age, gender, date of birth.

  • Work-related information: Employment history, job titles, contracts.

  • Health data: Only where necessary, for example, in the case of employees requiring accommodations.

  • Event participation data: Data related to attendance at events or programs.

  • Financial data: Payment details, billing information (where applicable).

  • Other anonymised personal data: As required by our project funders, for example, barriers to participation.

How We Use Personal Data

We use personal data for the following purposes:

  • To deliver services and programs effectively,

  • To manage communications with employees, volunteers, and service users,

  • To process payments, donations, or invoices (where applicable),

  • To comply with legal or regulatory requirements,

  • To monitor and improve the quality of our services and programs,

  • To keep individuals informed about our work, events, and initiatives.

Data Security and Confidentiality

We take data security seriously and have implemented appropriate technical and organisational measures to ensure the protection of personal data. These measures include:

  • Encryption and password protection of digital data,

  • Secure storage and disposal of paper-based records,

  • Access controls to restrict data to authorised personnel only,

  • Regular security audits and reviews of data protection practices.

Data Retention

We will not retain personal data for longer than is necessary for the purposes for which it was collected. Specific retention periods will be determined based on the type of data and its intended use. Once the retention period has expired, personal data will be securely deleted or anonymised.

Sharing of Personal Data

We will not share personal data with third parties, except in the following circumstances:

  • Where we are required by law to disclose data (e.g., to regulatory authorities or law enforcement),

  • When we have explicit consent from the data subject,

  • With trusted third-party service providers who process data on our behalf (e.g., for payment processing or cloud storage). In such cases, we ensure that these third parties comply with GDPR requirements.

Rights of Data Subjects

Under the GDPR, data subjects have the following rights regarding their personal data:

  1. Right to Access: You have the right to request access to the personal data we hold about you.

  2. Right to Rectification: You have the right to request correction of any inaccurate or incomplete data we hold.

  3. Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data under certain conditions.

  4. Right to Restriction of Processing: You have the right to request the restriction of processing of your personal data under certain circumstances.

  5. Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

  6. Right to Object: You have the right to object to the processing of your personal data in certain situations, such as direct marketing.

  7. Right to Withdraw Consent: If we are processing data based on your consent, you have the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact:

Name: Laura Forster
Phone: 07349904889
Email: info@weneedmusic.org

Data Breaches

In the event of a data breach that poses a risk to the rights and freedoms of individuals, we will:

  • Notify the Information Commissioner’s Office (ICO) within 72 hours, where required,

  • Notify affected individuals without undue delay, where appropriate.

Training and Awareness

We will provide training for all staff members and contractors on data protection principles and their responsibilities under GDPR where relevant. We aim to foster a culture of data protection awareness across the organisation.

Changes to This Policy

This policy will be reviewed and updated regularly to ensure compliance with data protection laws and best practices. Any changes will be communicated to employees and stakeholders.

Contact Information

For any questions or concerns regarding this policy or data protection practices, please contact:
Name: Laura Forster
Phone: 07349904889
Email: info@weneedmusic.org

  • facebook
  • instagram

GET IN TOUCH WITH US

Email: info@weneedmusic.org

Phone: 07349904889

​

PanKind and Lullabubbas are projects and trading names of We Need Music CIC

All content ©2025 We Need Music CIC.

To view our Privacy and Data Protection Policies please click here

​

bottom of page