The Edinburgh Festival Fringe website (www.edfringe.com, including, without limitation, tickets.edfringe.com, edfringe.com/shop, registration.edfringe.com, www.fringeworldcongress.co.uk, www.worldfringeday.com and other websites owned or controlled by us, from time to time) (the "Website") and the Fringe mobile app for iPhone and Android (the "App") are maintained by the Edinburgh Festival Fringe Society, a company limited by guarantee and incorporated in Scotland (No SC 046605, Registered Charity No SC 002995) which sells tickets for the Edinburgh Festival Fringe, and the Festival Fringe Trading Limited, trading as Edinburgh Festival Fringe Shop, incorporated in Scotland (No SC 130813, VAT registration number 171 276 804) which sells goods. Please remember that throughout the terms that follow, when we mention ‘we’, ‘us’, ‘our’, etc, we mean Edinburgh Festival Fringe Society Limited ("EFFS") and/or Festival Fringe Trading Limited ("FFTL") (as applicable). When we refer to ‘you’ we mean the user and/or browser of the Website or App and those persons, organisations or companies registering a show for the Edinburgh Festival Fringe.
Our principal place of business is at 180 High Street, Edinburgh, EH1 1QS. You can email us at email@example.com. The main telephone number for our office is 0131 226 0026.
FFTL is the data controller in respect of the collection of personal information relating to the purchase of goods from the Website, and EFFS is the data controller in respect of all other personal information collected including the purchase of tickets. Both can be contacted at the address above.
What information do we collect?
You are not required to provide any personal information in order to access the majority of the content available on the Website or App. We do, however, require you to supply certain personal details when you register with us or make a purchase from the Website or App, in order to process your transaction and/or fulfil your order. This information includes;, name, address, email address and payment details.
We will also collect and process any personal data supplied by you in connection with your use of registration.edfringe.com when registering a show at the Festival Fringe (for further information on this, please see the "How will my data be used when registering for a show?" section of this policy).
To become a member of the Fringe Society we require your name, address and contact information as set out in our forms, which will be stored on our secure server and used to send your essential election communications.
We will also ask you for information when you enter a competition or promotion sponsored by us and if you report a problem with the Website; typically your name and contact information that you supply us with, such as your email address or phone number.
We may also collect information about your computer, the mobile telephone and/or handheld device on which you are using the App or Website, including where available your IP address, operating system and browser type, mobile network information as well as the mobile telephone or handheld device's telephone number, for system administration and to report aggregate information about users' browsing actions and patterns (from which users cannot be identified).
In respect of users of the App and mobile website, we will also collect details of your network-based location in order to enable the "Near me now" (and/or any other, similar location services) and map functions which show you which shows are on near your current location.
We may also collect other information provided by you at the time of registering to use the App.
Where will we store your information?
When you are purchasing tickets through the App or tickets and/or goods through the Website we will store your personal data (including, for the avoidance of doubt, your payment details) under your account for any future payment made by you in relation to tickets and/or goods. Your payment details will be stored by our payment processing provider in the form of an encrypted token and processed by our payment processing provider only where you purchase tickets and/or goods. You can choose to remove any stored payment details from the App or Website, at any time, by selecting the "Remove Card as a Payment Option" option under your account.
The token containing your payment details remains (in its encrypted format) within our payment processing provider's secure network, in compliance with data protection legislation and any other applicable laws, regulations or standards, until it expires (cancellation or expiration of card) as dictated by the payment processing provider. Your payment details (on the Website or App) are stored as a secure encrypted token within the payment processing system for the purpose of ‘one-click’ payment processing. Payment details stored for the purpose of ‘one-click’ purchasing on our Website or App are processed by staff or suppliers in its encrypted format only and it is not possible for any staff or supplier to revert tokens back to live data. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website or App; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How will we use your information?
The legal basis upon which we rely for using information held about you is primarily for the performance of a contract between us, or in anticipation of entering into a contract with us, e.g. to provide you with products and services that you have asked for. This includes:
- carrying out our obligations arising from contracts entered into with between you and us; and
- providing services you rely on from our Website and our App, such as interactive features of our Website or App, when you choose to do so.
- to ensure that content from the Website and App is presented in the most effective manner for you and for your computer, mobile telephone and/or handheld device;
- to provide you with essential information about products and services you have requested from us, such as changes to your show information, cancellations and refund services;
- to provide you with marketing updates and communications relating to products or services that you request from us or which we feel may interest you (including content and advertising tailored to your interests), but only where you have expressly consented to be contacted for such purposes;
- to notify you about changes to our service that may affect you;
- to allow you to vote in Fringe Society elections (managed by ERS) and, if you have chosen to do so, to allow candidates to canvas directly to you;
- to maintain and keep updated the Website, and the App (including by viewing any personal data held on the Website and/or App in respect of you) and to transfer and process that information for the purpose of organising, co-ordinating, advertising and marketing shows and/or the Edinburgh Festival Fringe. From time to time, we rely on third party suppliers to perform these activities on our behalf.
If you do not provide us with your information, we may not be able to provide services to you. We will let you know about this at the appropriate time.
Will we disclose the information we collect to outside parties?
We will not sell, trade or rent your personal information to others unless you have given us your permission. With your permission we will only share your information with carefully chosen, reputable and trustworthy third parties. We do provide aggregate statistics about our customers, sales, traffic patterns and related Website information to reputable third-party vendors, but these statistics will include no personally identifying information. We may disclose your personal information to third parties:
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation;
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if EFFS or FFTL or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
- in order to enforce or apply our Terms and Conditions and other agreements; or
- to protect the rights, property or safety of us, our members or others.
This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. In the instance of stored payment details, we will send your data to our payment processing provider for encryption. The encrypted token is stored within our payment processing provider's secure network in compliance with data protection legislation and any other applicable laws, regulations or standards. When a payment request is made against this encrypted token we will send a request for confirmation of payment to the payment processing provider for the purposes of fraud protection and credit risk reduction. The encrypted token will be processed only where you purchase tickets and/or goods. Where you are a foreign national we may provide the UK Border Agency with confirmation of your nationality, passport/identity card numbers and other personal information relating to you that has been collected or processed when registering for a show.
Where your details are stored on the system and you are linked to a particular organisation, venue or show, the administrators of that organisation, venue or show may be able to see your name and contact details. In addition, except where you have opted for your profile to be private (which you can do during the registration process (or at any other time by going to the edit profile page) by answering the following question in the affirmative 'Click here if you would like to opt out of appearing in the contact searches?'), all other users of the system will be able to:
- see your first name, last name and job title and to send you an invite via the system to become associated with, or accept a particular role within, an organisation, venue or show (for example, to become an administrator for a particular show); and
- access any contact details held about you on the system for the purpose of auto-populating the following fields:
- Organisation primary contact
- Venue Owner
- Venue Secondary Contact
- Media and Marketing Contact
- Box Office Contact
- Access Contact Details
- Primary Show Contact
- Secondary Show Contact
- Media Contact Details
- Touring & Development Contact Details
If your name and contact details have been identified as a contact associated with a venue, these may be displayed on the Website. If you have been identified as a contact for a particular show, your name and contact details may be used in show and venue proofs. We may ask you to give your permission to pass on the contact details for your nominated media and arts personnel provided by you to accredited media and arts industry professionals. You may withdraw your consent to our use of your data in this way at any time by emailing firstname.lastname@example.org.
Where you submit bank account details via the Website these will only be visible to us, or to any individual who you have granted 'Organisation Administrator'. We will use such details only for the purposes of paying you any box office takings or other sums due by us to you and we will not pass these details to any third parties.
What happens when I opt in to the Fringe mailing list?
By subscribing for Fringe updates, you agree to receive from us (but only us) emails detailing news, special offers, announcements and competitions. You can unsubscribe from this service easily, and at any time, by using the link provided at the bottom of the email you are sent.
How long will my data be held for?
We will retain your data for as long as we have a relationship with you, e.g. for supplying services to you, or otherwise providing you with information about services you request. Full details of the uses of data are set out above at “How will we use your information?” We may also need to retain your information beyond the term of our relationship for legal reasons, specifically to evidence the relationship between us. We will delete information when we no longer require to evidence our relationship. If you would like specific information about you deleted or removed, please refer to “Your rights” below.
You have a number of information rights that are provided for by data protection laws. These rights include:
- the right to access personal data which you have submitted through the Website which is stored by us, and otherwise held about you.
- the right to have inaccurate data about you rectified. This includes the right to provide us with supplementary data where we may hold information that is incomplete.
- the right to have data erased. This right has some exceptions, such as where we need the data for legal reasons.
- the right to restrict processing of your data, e.g. where data held is inaccurate.
- the right to have your data transmitted to a third party in limited circumstances - known as the right of data portability
- the right to object to how we process your data which includes in the case of direct marketing, the right to object to marketing from us.
- the right to not be subject to any automated decision making including profiling.
You can also exercise any of these rights at any time by contacting us at email@example.com and we will process such requests in accordance with applicable data protection laws within one month from receipt of your request. We will contact you as appropriate, to explain how we have complied with your request.
Right to complain
If you are not satisfied with the way we have handled any processing of your personal data, please contact us at admin@edfringe,com. You should be aware that you have the right to complain to the Information Commissioner’s Office (“ICO”) about the way organisations handle your information. They can be contacted on 0303 123 1113, or you can access their website which contains helpful information about the various rights you have. Please refer to https://ico.org.uk/concerns/.
Third party websites
Cookie Usage Policy
What are cookies?
A cookie is a small amount of data sent to your computer, mobile phone or handheld device from a website. This means the website can recognise your device (your computer, mobile phone or handheld device) if you return to the same site.
A cookie often includes a unique identifier, which is a randomly generated number. This is stored on your device's hard drive (cache). Many cookies are automatically deleted after you finish using a website.
Cookies are not programs and do not collect information from your device.
Cookies make your experience of using websites faster and easier. They allow websites to create a customised view of pages to which you navigate. For example, they are commonly used to authenticate or identify registered users of a website without requiring them to sign in each time they access it. Other uses include maintaining a ‘shopping basket’ of goods a user has chosen to purchase, site personalisation (presenting different pages to different users) and tracking the pages a user has visited on a site for analysis purposes.
Cookies may come with or without an expiry date. Cookies without an expiry date exist until the browser is closed, while cookies with an expiry date may be stored by the device until the expiry date passes.
You can restrict or block cookies set by the Website but this may limit your use of some functionality.
We use third-party suppliers who also set cookies on our behalf to deliver the services that they are providing or to record usage.
How to manage your cookies
Cookies are sent to your browser (whether you use Internet Explorer, Google Chrome, Safari or any other browser) by a website and then stored in the cookies directory of your device.
To check and update your cookies settings, you will need to know what browser you are using and what version of it you have. You can usually find this out by opening the browser (just as if you were going to use the internet) and then clicking on ‘Help’ and then ‘About’. This will give you information about the browser version you are using.
To find out how to allow, block, delete and manage the cookies on all standard web browsers, go to www.aboutcookies.org and select the browser and version you are using. You'll also find information about how to delete cookies from your computer. For the majority of browsers this can be done through your preferences control panel.
Cookies used on the Website
The following are cookies you may come across on this Website.
- Domain: google.com
- Purpose: The site uses Google cookies to record information about which pages you have landed on and how you have navigated through the site. This data enables us to understand:
- which pages people visit on the site
- which internet browsers are being used
- what content is popular
- which interactive tools are used
- For more information visit Google Privacy Center: transparency and choice.
- Domain: addthis.com
- Purpose: The "AddThis" button to enable visitors to share information easily using a variety of social networking web sites and other services. The AddThis Privacy and Data Practices Policy details what information is collected and used by this service.
- Domain: google.co.uk/doubleclick
- Purpose: The site manages online advertising
- Visual DNA
- Domain: visualdna.com
- Purpose: audience research and customer profiles
- OAID (OpenX)
- Domain: openx.com
- Purpose: used to track banner click activity for analytical purposes
- Domain: edfringe.com
- Purpose: Identifies if the user has accepted the cookie notification banner.
- Domain: edfringe.com
- Purpose: Stores the user's last search details.
- Purpose: This indicates whether or not the browser supports Flash and can therefore display sIFR fonts.
- Facebook (third party)
- Domain: facebook.com
Cookies used on registration.edfringe.com
The following are cookies you may come across on this Website.
- Domain: asp.net
- Purpose: to store and retrieve values for a user, server retains no knowledge of previous requests.
- Domain: .ASPXAUTH
- Purpose: - Determines if user is authenticated on login