Privacy Notice

Beamish Unlimited

This page sets out the details of Beamish Museum’s privacy notice in relation to information collected about you.

1.0 Who we are

Beamish Museum
Beamish
County Durham
DH9 0RG

We are registered charity and our registration number is 1122366

We are registered as a data controller under the Data Protection Act 1998, and our Data Protection Register number is Z574359X

2.0 What information do we collect about you?

We collect the personal data that you may volunteer as part of ticket bookings, online purchases, e-newsletter sign-ups and visitor surveys.

Personal information we collect may include:

  • Your name, title and gender
  • Postal address, email address and phone number
  • Family and spouse/partner details, relationships to other Unlimited Pass holders or Friends of Beamish members
  • Current interests and activities.

We will also collect and hold information about any contact you have with us as a visitor, customer or supporter of Beamish Museum, and may consist of details of:

  • Unlimited Pass or Friends of Beamish membership purchase and event registration/attendance
  • Online retail purchases
  • Contact preferences
  • Gift Aid status
  • Details of correspondence sent to you, or received from you
  • Employment information and professional activities
  • Any other information provided by yourself at the request of Beamish Museum.

When we ask you to provide your personal information we will let you know why we are asking, and how we will use your data, by directing you towards this notice.

3.0 What we are collecting the data for, and what we do with your information

We are under a legal obligation to obtain and retain certain personal data in relation to claims for Gift Aid, should you have opted to Gift Aid your admission.

The Beamish Unlimited membership requires the museum to collect and store personal data to enable the member to re-visit the museum with their annual membership ticket.

The Friends of Beamish memberships also requires personal data to be collected and stored for members re-visiting the museum, receiving information, and fulfilling our membership agreement with you – such as being able to send you the Beamish Magazine, which is part of your benefits package.

Depending on your relationship with Beamish Museum, and the preferences you have indicated, data we hold may be used by us for the following purposes:

  • To send you promotional, marketing or fundraising information by post, telephone or electronic means. These types of communications can include:
    • Informing you of other products, services or events related to Beamish Museum, such as our seasonal events programme.
    • News and updates about Beamish, such as our e-newsletters and/or our Beamish Magazine.
    • Information on our fundraising operations, including occasional requests to ask you to consider supporting the museum and our future plans.
    • Other relevant communications based upon your relationship with Beamish Museum.
  • Tools may be used to monitor the effectiveness of our communications with you, including email tracking, which records when an e-newsletter from us is opened and/or how many links are clicked within the message. The data from this tracking is generally used in an aggregated and anonymised form.

You can opt out of any/all of our communications at any point simply by contacting dataprotection@beamish.org.uk

There are some Beamish Unlimited and Friends of Beamish communications that we are required to send regardless of your contact preferences. These are essential communications, deemed necessary to fulfil our contractual obligations to you. This would include renewal reminders and querying returned mail.

4.0 How long the data will be retained, and data cleansing

Type of data Reason for holding data Retention period
Data relating to museum visitors who hold Unlimited Passes Legitimate interest Beamish will retain personal data for administrative purposes for up to two years from the date of purchasing their membership.

 

Data relating to museum visitors who hold Unlimited Passes, and have agreed to Gift Aid their donation Legal obligation The museum has a legal obligation for Gift Aid purposes to retain donor details who have Gift Aided their donation for six years
Data relating to other customers and transactions. This relates to a range of online and in person transactions, including museum tickets, event tickets, and guidebooks. Legitimate interest Two years
Marketing data relating to individuals who have signed up to receive marketing information, eg. e-newsletter or direct mail, and to be kept informed of events/news. We are required by GDPR to contact all the individuals held in this database to ensure they ‘opt in’ to receiving news in future. Consent Once people have opted in we will continue to communicate with them unless they opt out.
Data relating to Friends of Beamish. This database is held by the Friends of the museum (a separately constituted charity), who have their own privacy policy and systems. Information is held on a database is held securely and in accordance with GDPR. The data is shared between the Friends and the museum – so we can for example send Friends a magazine and fulfil contractual agreements to the membership. Legitimate interest One year following the date of the expiry of the membership
Enquiries made to the museum Legitimate interest Two years
Complaints/compliments – data stored securely in the museum’s Visitor Feedback database.

Where the complaint comes in through social media, the Communications Team will delete personal contact details once the complaint/compliment has been passed on to the Director’s Office who manage Visitor Feedback.

Legitimate interest Two years
Traditional Experiences Legitimate interest Two years
Group bookings Legitimate interest Two years
Education bookings

 

 

Legitimate interest Any personal data related to the booking will be deleted following the provision of services.
Community participation project participants

 

Legitimate interest Two years following the completion of the project.

 

5.0 Data storage and data cleansing

Membership information is collected and stored through our web based ticketing software, and  the membership data is stored on a cloud infrastructure that is fully GDPR compliant.

Membership data will be cleansed in according to our data retention policy.

All data is backed up and stored securely both in the cloud and on site, with data backups encrypted to endure data security for GDPR compliancy.

6.0 Who we might share your information with

Where Unlimited Pass holders have agreed to Gift Aid, we will need to share your data with the HMRC for Gift Aid compliance.

Data relating to Friends of Beamish memberships will be shared with the Friends of Beamish – to ensure you can re-visit the museum and we can send you any literature relating to your membership.

Other than this, we do not disclose personal data to any third parties or external organisations, other than data processors carrying out work on our behalf.

Examples of such data processors would be mailing houses for the sending of our Beamish Magazine and bulk email and direct mail distribution services.

Any such companies are acting as approved data processors for Beamish Museum, and we retain full responsibility for your personal data. Data processors will act only on our instructions.

We may occasionally need to transfer your personal information overseas, for instance to our bulk email distributor, MailChimp. Where this is necessary, this may be to countries or territories around the world.

We are required to ensure any transfers of data will be done securely, in accordance with best practice, and in compliance with GDPR.

Your data will never be sold or passed to any third party for any other purpose.

7.0 How we keep your information secure

We have implemented security procedures, rules and technical measures to protect the personal data that we have under our control from:

  • Unauthorised access
  • Improper use or disclosure
  • Unauthorised modification.

All our employees and data processors, who have access to, and are associated with the processing of personal data, are legally obliged to respect the confidentiality of our visitors’ and supporters’ personal data.

8.0 How can I access the information about me, and ensure information is correct?

You can ask us if we are keeping any personal data about you and you can also request to receive a copy of that personal data – this is called a Subject Access Request.

Please try to be as clear as possible about the information you are seeking.

Once we have received your Subject Access Request, you will receive a response from us within a calendar month and you will be able to get copies of any information we hold on you. However, exemptions to disclosure may apply in some circumstances and in line with legislation.

Subject Access Requests should be sent to:

Data Protection
Beamish Museum
Beamish
County Durham
DH9 0RG

Email: dataprotection@beamish.org.uk

At any time you may request that we delete or correct your personal information. If you wish to correct any information on you held by Beamish Museum, simply contact dataprotection@beamish.org.uk

9.0 Changes to our privacy notice

We regularly review our privacy notice, and may make changes from time to time. Any changes made will be posted to this page, and will apply from the time we post them.

10.0 How to contact us

If you have any comments about our privacy notice, or information we hold about you please contact us: