Privacy, Security & Cookies
This policy explains what information we gather when you visit the ADC Theatre’s web sites, and explains how that information is used. The University of Cambridge, of which the ADC Theatre is part, is registered under the terms of the 1998 Data Protection Act.
It is important for you to appreciate that our sites provide links to other independent sites, both within the University and elsewhere. This policy applies only to direct accesses to our web sites - URLs starting , http://www.corpusplayroom.com and http://www.adcticketing.com. You will need to consult the appropriate information on other sites for information on their policies.
In common with most web sites, our websites’ servers can automatically log certain information about every request made of them (see below for more details). This information is used for system administration, for bug tracking, and for producing usage statistics. The logged information may be kept for up to two years.
We may also collect and process the following data about you:
- Information that you provide as part of the ticket booking process or when creating or editing an account in our box office system. When creating an account, and during subsequent log-ins, you are able to specify the use of this information (see below for more details).
- Other information that you provide by filling in forms provided on this website for a specific purpose.
- By supplying your personal information using this website, over the telephone or in person, you are consenting to the University holding and using it for the purposes for which it was provided.
- For more details about the collection and handling of card information, there is a separate security policy.
- If you contact us, we may keep a record of that correspondence.
- All information we hold about you will be held securely.
From time to time logging may be enabled on the webserver hosting our websites. When logging is enabled the following data is automatically collected for each request:
- The name or network address of the computer making the request. Note that under some (but not all) circumstances it may be possible to infer from this the identity of the person making the request. Note also that the data recorded may be that of a web proxy rather than that of the originating client
- The username, when known during authenticated (logged in) access to the site
- The date and time of connection
- The HTTP request, which contains the identification of the document requested
- The status code of the request (success or failure etc.)
- The number of data bytes sent in response
- The contents of the HTTP Referrer header supplied by the browser
- The content of the HTTP User-Agent header supplied by the browser
Logging of additional data may be enabled temporarily from time to time for specific purposes.
In addition, the computers on which the web site is hosted keep records of attempts (authorised and unauthorised) to use them for purposes other than access to the web server. This data typically includes:
- The date and time of the attempt,
- The service to which access was attempted,
- The name or network address of the computer making the connection,
- It may also include details of what was done or was attempted to be done.
Disclosure and uses of personal information
We use information held about you in the following ways:
- To contact you with essential information about your booking, for example in the case of a cancellation or programme alteration.
- To ensure that content from our websites is presented in the most effective manner for you and for your computer or device by gathering aggregate information about our users using it to analyse the effectiveness and popularity of our websites.
- To allow you to participate in interactive features of our service, when you choose to do so.
We seek ‘informed consent’ from you as part of the account creation process in order to use information held about you in the following way:
- To contact you about future events being sold or activities being undertaken by the University, trading as the ‘ADC Box Office’. You can opt in or out of receiving information by post and/or e-mail at any time, by logging in to your online account or contacting the box office (see below).
We may disclose your personal information to third parties in the following circumstances:
- In order to process a transaction; your personal information and card details are passed to third party service providers. Card details are only used for the purpose of handling an individual transaction. There is a separate security policy that contains more details about the collection and handling of card information.
- If we have obtained your consent to do so.
- When we are required or authorised by law, court order, regulatory or governmental authority to disclose your personal data.
- If required to protect the rights, property or safety of the University of Cambridge, its members or others.
Relevant subsets of this data may be passed to computer security teams as part of investigations of computer misuse involving this site or other computing equipment in the University.
In addition, this site uses Google Analytics to help us analyse site usage and to improve it. To support this, selected information about your interaction with the site is sent to Google for them to analyse on our behalf. For more information about Google Analytics see http://www.google.com/analytics/.
Links to other websites
Access to personal data
For the purpose of the UK Data Protection Act 1998, the 'Data Controller' for the processing of data collected by this site is the University of Cambridge.
You can check the information we hold about you by e-mailing us. If you find any inaccuracies we will correct them promptly. If you have any questions or comments about privacy please contact the Box Office (ADC Theatre, Park Street, Cambridge CB5 8AS, tel: 01223 300085, email: firstname.lastname@example.org).
The point of contact for subject access requests is the University Data Protection Officer (The Old Schools, Trinity Lane, Cambridge CB2 1TN, tel: 01223 332320, fax: 01223 332332, email: email@example.com).
The University is also Data Controller in respect of any personal data served as content by this site.
Card transactions are processed by YESpay International Ltd, and transmitted via Spektrix Ltd, who provide our Box Office system. Pages where information is captured by Spektrix can be identified by the 'Powered by Spektrix' logo at the bottom right of the screen.
When asked to enter personal details, including your credit card number, the address bar will indicate that you are on a secure webpage, most likely by showing https:// at the beginning of the address. This indicates that all data is being transmitted securely between your web browser and the Spektrix servers, using encryption to ensure that the data cannot be read or modified by a third party.
We take data security extremely seriously and understand the need to adhere to high levels of checking and auditing around storing and transferring cardholder data. As part of the global Payment Card Industry Data Security Standard (PCI DSS), we work with our acquiring bank Barclaycard to provide a secure payment network for our customers.
Protecting customers against credit card fraud is a critical issue for the University as Card Payment Merchants and we require that under no circumstances should credit card information be sent by email.