Privacy

The Royal Academy of Music is committed to protecting your privacy and your personal data in accordance with the General Data Protection Regulation (GDPR).

Personal data means any information relating to an identifiable living person, who can be directly or indirectly identified.

The Royal Academy of Music is the data controller and has overall responsibility for processing the personal data it requires to serve its students, staff, donors, and visitors, and to fulfil its role as a leading conservatoire.

GDPR Principles
The GDPR requires that personal data be:

  1. Processed lawfully, fairly and in a transparent manner in relation to individuals.
  2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay.
  5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.
  6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Personal Information
We are committed to ensuring our personal information is accurate and up to date; our privacy statements and data retention schedules show where data is held, for what purpose, for how long it is held and how data can be updated. These are listed at the bottom of this page. We may review our approach to data protection and privacy from time to time at which point these pages will be updated.

We do not sell any of our data to third party organisations and we hold personal data securely in our systems and databases, with access restricted to relevant authorised personnel only.

We want you to be in control of your personal data. Our privacy statements have contact details for specific departments or you can contact the Academy Data Protection Officer on dpo@ram.ac.uk . You have the right to see and amend your data, and in some cases have it deleted. We hope we can resolve any concern you might have quickly and easily. If you have contacted us in relation to your personal information but are not content with our response, you can contact the Information Commissioners Office for more information or to make a complaint; ICO .

What information do we collect?
The personal information that we collect includes:

  1. your name, title, date of birth and gender
  2. contact details including postal address, email, phone numbers and communication preferences
  3. access requirements (for example if you require wheelchair access, or any other access requirement)
  4. transaction history (we never store your payment information)
  5. affiliations and connections with the Academy
  6. details of visits to our website including traffic data, location data, operating system, browser usage, and the resources that you access • image and likeness (as captured on our CCTV cameras and in photographs and videos we use for promotional purposes)
    other background personal information you provide to us (for example when you apply for a course of study, a job, provide a reason for making a donation or correspond with us generally).

How do we collect your information?
We collect your information in a number of ways:

  1. When you give it to us or give us permission to obtain it. This includes when you make ticket purchase, sign up for our mailing lists, make a donation, complete an application form or communicate with us.
  2. We keep a record of the emails we send you and we may track whether you receive or open them so we can make sure we are sending you the most relevant information. We may then track any subsequent actions online, such as buying a ticket.
  3. Social media, we use social media to broadcast messages and updates about events and news. On occasion, we may reply to comments or questions you make to us on social media platforms. You may also see adverts from us on social media that are tailored to your interests. Depending on your settings and the privacy policies used by social media services like Facebook, Instagram or Twitter, we may receive non-personally identifying demographic or analytical information from these services that enables us to better understand the reach and effectiveness of our advertising.
  4. Information available publicly, which may include information found in places such as Companies House, your biography on your work website or information that has been published in articles/ newspapers.

Further details of the information we process can be found in our Privacy Statements and Data Retention Schedules.

Cookies
We may place a cookie, or small text file, on your computer or device when browsing our website, which can be used to identify users and analyse web traffic, to help us to understand and improve our site and how it is used. Find out more in our terms and conditions.

Privacy Statements & Data Retention Schedules
Campaigns and Advancement Privacy Statement (Development (Fundraising), Alumni Relations, Communications and Marketing)

Finance Privacy Statement
Finance Data Retention Schedule

Human Resources Privacy Statement (Employees, Workers and Job Applicants)
Human Resources Data Retention Schedule

Junior Academy Privacy Statement

Registry Privacy Statement (Applicants and Current Students)

Data breaches
Potential data breaches can be reported to the Data Protection Officer on dpo@ram.ac.uk in the first instance. We will assess the information provided and, where necessary, contact the Information Commissioners Office (ICO) and any affected persons.

Contact us
To contact us about our privacy policy, data retention schedules or with general privacy queries, please contact the individual teams stated in the privacy statements. Alternatively, you can contact the Academy Data Protection Officer on dpo@ram.ac.uk or write to us at: Data Protection Officer

Royal Academy of Music
Marylebone Road
London
NW1 5HT

Updated May 2018

ROYAL ACADEMY OF MUSIC
MARYLEBONE ROAD, LONDON NW1 5HT, UK
TELEPHONE +44 (0)20 7873 7373
REGISTERED CHARITY NO. 310007