Last Updated: 2nd February 2023
1. Introduction
BAFTA has always believed in being open about what data we collect from members of the public and what we do with it. The UK GDPR sets out comprehensive requirements for handling personal data. This includes a number of things we must tell you of when we collect data from you. We have provided all the information you need as simply and clearly as possible through this Privacy Policy using a question-and-answer format.
2. What data will be collected about me and why?
If you are entering a Viewing Area then only the data we ask you to enter will be stored e.g. we won't augment this with information about other pages you have browsed on the web site
The types of data and the reasons for collecting them are detailed below:
2.1. Address and Other Contact Details
We collect address and other contact details so that we can send you confirmation of your application and also so that we can pass your name and phone number to the security team on site who may need to contact you on the day. The data we collect are:
- Your name
- Your address
- Your email address
- Your phone number
2.2. Details of Your Access Requirements
If you are applying for a place within our Accessible Viewing Area one or more of the following is required to assess your application:
- Front page of DLA letter (no specific rate required)
- Front page of PIP letter (no specific rate required)
- Front page of Attendance Allowance letter (no specific rate required)
- Evidence that registered severely sight impaired (blind)
- Recognised Assistance Dog ID card
- War Disablement Pension
- CredAbility Access Card (+1 requirement stated)
2.3. Your Interaction with BAFTA
We may make a record of discussions we have with you by email and/or over the phone so that we can provide a consistent and efficient service if you contact us again.
3. Who is responsible for my data?
Any data collected about you on any of the BAFTA web sites will be kept under BAFTA's control. BAFTA is registered charity (No. 216726) and can be contacted using the following details:
Postal:
The Data Controller
BAFTA
195 Piccadilly
W1J 9LN
Email: [email protected]
4. How long will you keep my data for?
If you are successful in your application the data listed in sections 2.1 and 2.2 above will be retained for our records for twelve months.
If you are unsuccessful in the ballot then your data will be deleted from our system within 30 days.
5. Where will my data be stored?
When you apply for a viewing area then your details will be held on BAFTA's web server database (located in the EU) and will ultimately be downloaded to BAFTA's internal network (in London) for processing, e.g. to pick a winner.
We may choose to use other service providers in future, if we do they will be bound by the same strict rules which guarantee that the same safeguards are in place, and your rights remain the same. If we change our service providers then we will update the details on this page so you can always return to this page to see where your data is being stored.
6. Who will have access to my data?
Staff within BAFTA whose duties require it will have access to your data.
We use a carefully selected web agency to develop our web sites. This agency has access to the servers which hold the data so that they can maintain the servers - this also gives this agency access to the data. Our contracts with this agency ensures that they treat all of our data in strictest confidence.
Some technical tasks, such as configuring and securing our servers, require specialist expertise. We use specialist UK-based contractors to provide these services. These contractors are carefully vetted. All contractors must sign non-disclosure agreements which include a requirement that they keep all BAFTA's data confidential.
7. Will you give my data to anyone else?
We pass successful applicant’s name and phone number to our security team onsite to manage the safe handling of applicants as they are guided into viewing areas.
We will also pass your details to law enforcement agencies if we are required to do so by law.
We will not pass on or sell your details to anyone else.
9. What rights does the UK GDPR give me?
Here is a quick summary of the main provisions of the UK GDPR which are relevant to the type of data we hold about you:
Access: You have the right to view the data we hold about you and to receive copies of this data in digital format.
Accuracy/Rectification: If any of the data we hold about you is incorrect or incomplete then you can provide the correct or complete data and we must update the data we hold.
Erasure: You can request that we erase all the data we hold about you, but this is only available in some situations.
Restriction of processing: In some cases you can ask us to retain your data but not do anything with it.
10. How do I exercise my UK GDPR rights?
If you want to exercise any of your rights in relation to data BAFTA holds about you then please email: [email protected] or write to the Data Controller at the address given above (see "Who is responsible for my data?")
Please provide details in your email/letter of what actions you would like us to take. Depending on the nature of the request and whether or not your request comes from the email address we have on file for you, we may need to verify your identity so that we don't give out information to the wrong person, or delete the wrong person’s information. In most cases it helps if you are able to provide a contact phone number so that we can validate your identify and discuss the request with you.
11. What if I have a complaint?
If you are concerned about how we manage your data, or how we have handled a request to exercise your rights, then please get in touch with us to discuss it. To do this please send an email detailing your concerns to [email protected].
If you are still not satisfied with the response you can take your concern to the Information Commissioner's Office. For details of how to do this please refer to the ICO web site:
