ITOPA Privacy and Cookie Policies
At ITOPA, we take data privacy and security very seriously. Our team has researched and assessed the requirements of;
- The Personal Information Protection and Electronic Documents Act (PIPEDA)
- The European GDPR using the guidance provided by the UK ICO (Information Commissioners Office)
We have taken steps to update our working practices including data storage and security, processes, and policies where required to be compliant.
1. Who we are
In this policy, “we”, “us” and “our” refers to ITOPA Ltd, a local theatre company serving customers in Canada. Our registered address is 88 Thames Street South, Ingersoll, Ontario. We are the Data Controller, which means we are responsible for deciding how we use personal data.
2. What this policy covers
- The type of personal information we collect
- How we collect information and how we use it
- Other parties we may share personal information with
- How we keep your personal data secure
- Your rights over your personal data under the European GDPR
- Your rights over your personal data under PIPEDA
3. What sort of personal information we collect
Through our website, www.itopa.ca, we only collect personal information to for the purposes of contacting you and to provide the services you want us to provide. This information will usually include:
- Your first and last name
- Your contact details such as your email address and telephone number(s)
We may process this information for the purposes of contacting you, updating your account with us, for any work you may ask us to do, for any ongoing services you ask us to provide (such as website hosting) and for backing up our business databases.
- The GDPR legal basis for our use of this “account data” is our legitimate interests, for the effective administration of our business.
- The PIPEDA Principles 2 – Identifying Purposes, and 4 – Limiting Collection applies to our purposes for collecting data.
4. How we collect your data
- Enquiry Forms
We collect personal data through this website only when you complete any of our enquiry forms. When you complete an enquiry form on our website, you agree to the data in that form being used for the purposes identified above. We will NOT use any information from enquiry forms for marketing purposes. Information collected via enquiry forms is not stored anywhere on our website. Our website has an SSL certificate, encrypting all website traffic to and from the site to 128Bit Encryption.
- Mailing Lists Subscription Forms
We might use sign-up forms for regular emails, newsletters, etc. If and when we do, these types of forms will request your clear and active consent to be emailed or posted marketing information. Only information submitted via these sign-up forms will be used for ITOPA related marketing and promoting goods and/or services to you. The legal basis for this processing under both GDPR and PIPEDA is consent.
5. How we’ll use your information
The personal information you give us will be used for:
- Contacting you via phone or email
- Confirming your contact details
- Providing you with the services you request
- Sending you newsletters and marketing information ONLY if your clear, explicit consent has been given.
The legal bases for this processing is legitimate business use and consent (last item only).
6. Sharing of personal information
We never share personal information collected via this website with any third parties for marketing purposes aside from Vendini – our ticked kiosk software provider.
7. Third party websites for ticket payments
Ingersoll Theatre Of Performing Arts (ITOPA) (“Member”) outsources its box office services (the “Services”) to Vendini, Inc. (“Vendini”) the provider of the ticketing/donation service. Vendini values the privacy of their members and customers. Please visit www.vendini.com/privacy for a complete description of how they use the information that you may provide to us. Your use of our ticketing or donation services constitutes your consent to our privacy policies.
8. Storage of your personal data
We only store data for as long as we need to provide you with your chosen services, maintain a working business relationship, or manage your account. We take stringent measures to secure your personal data and to prevent its loss, misuse or alteration.
9. Your data rights under GDPR – EUROPE ONLY
As a European client of ITOPA, you have a number of rights relating to your personal data submitted through this website under GDPR. You can:
- Ask what personal information we hold
- Ask us to update or correct details
- Object to or restrict the processing of your data
- Transfer your information elsewhere (“data portability”)
- Ask us to delete your information
10. Your data rights under PIPEDA
Your rights to request access to your personal data under PIPEDA are covered by Principle 9 – Individual Access:
“Upon request, an individual must be informed of the existence, use, and disclosure of their personal information and be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.”
For full details, see [https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/p\_principle/principles/p\_access/]
11. Third party website links
Our website and blogs may include active links to external websites, to provide you with further information. ITOPA takes no responsibility for the privacy policies and practices of these external websites.
12. Website hosting
We use some of the world’s most secure hosting providers for our ITOPA website.
Our own website is hosted with one of the largest most respected hosts in the world, SiteGround. For more information on Siteground and GDPR, see: https://www.siteground.com/blog/gdpr-siteground-getting-ready/
13. Contact us
1. What this policy covers
2. What are cookies?
Cookies are small text files that are often downloaded to your computer or device when you visit a website. Cookies exist simply to improve your experience of using a website, and to enable websites to remember your online preferences. Most cookies are automatically erased when you close your browser, whilst cookies might be stored on your computer for a certain period of time.
4. Deleting cookies
- This website has browser-specific instructions for turning off automatic consent: http://www.allaboutcookies.org/manage-cookies/stop-cookies-installed.html
- This site also has instructions on how to clear/delete cookies from your computer or mobile device: https://www.aboutcookies.org/how-to-delete-cookies
- If you wish to opt out from your data being collected by Google Analytics, you should install the add-on for your specific browse from the Google Analytics opt-out page.
6. Contact us