Privacy Policy

1. Our Commitment To Personal Data.

The protection of personal data should be your right.
It is our responsibility to do everything we can to protect your data.
Data should ONLY be collected when it is required to provide a certain product or service.
We will NEVER sell, share or disclose your personal data without your permission unless it is requested by warrant by law enforcement agencies.

2. Legislation We Abide By.

Tricks Of the Trade follows the guidelines and legislation of the following bodies

The UK Data Protection Act 1998
The EU General Data Protection Regulation (GDPR) 2018

We follow the guidelines of the Information Commissioners Office the UK’s official data protection body.

All the regulators above impose strict practices when it comes to the processing and storing of your personal data. If you are not from the UK the chances are we will meet the data regulations in your country too. If you wish to check on any aspect of your data protection rights you think may not be covered you can contact our data protection officer whose contact details can be found in section 9.

3. Data Retention.

Tricks Of the Trade collects various kinds of information depending on the product or service we may provide to you. In this section, we tell you what information we collect, why we collect it, how long we store it for and where we store it.

3.1 Browser Tracking Information

What: What site you came from to get to our site, what link you clicked, what browser you use, what operating system you use, your geographical location, your IP address.

Why: Like a lot of websites we may use Google Analytics and other tracking software to track user interaction with our website. This helps us find out things like how many people visit our site, how they navigate around our site, the pages that are most visited. This data is stored on our website to provide us with traffic analysis. It helps us improve our site and our services. This information does not directly identify you as a person it is just behavioural data. Google may also record your IP address which could be used to identify you, however, they do not give Tricks Of the Trade access to that information.

Google also uses cookies you can find details on that in the developer section of their site. Google is a third party service provider see section 5.

How Long: This data is normally retained for 3 years. It is not personally identifying data so there is no way we can remove data about your visits as we do not know what part of the data is attributed to you.

Where: Basic tracking information we store on our web hosting account with 3001 Web please see “third-party providers”. Our site encrypts data during transfer and our web host employs the latest in server security. This data, however, does not personally identify you and is not classed as sensitive personal data.

Any Google based tracking is stored by Google on their servers. While this data may be used to track you Google does not give us access to that kind of information. See “third-party providers”.

3.2 Contact Form Submissions On Our Site

What: Your full name, email address, telephone number, mobile number, your reason for contacting us, your message to us and your IP address, the date and time you submitted our form.

Why: We store these details so that we can respond to your questions or enquiries.

How Long: We store all email sent to via our website contact form for a period of five years to comply with UK law.

Where: We store this information securely in our website admin area and in our business email accounts. Both these services are provided by 3001web.com (see third party providers). All our web hosts servers encrypt data during transfer and employ the latest in server security.

3.3 Telephone Calls To Our Office

What: Your name, telephone number, the nature of your enquiry.

Why: We may write down the above information so that one of our staff can deal with your request or enquiry

How Long: This information is normally handwritten on paper and discarded once your request or enquiry has been dealt with. Any paper containing sensitive information like telephone numbers is shredded in our offices.

Where: We store this information temporarily on paper in our offices. We do not record telephone calls.

3.4 Venue Account Information

What: Your venue name and address, your business email address, your name, your contact telephone number.

Why: We store these details so that we may provide you with entertainers for your venue.

How Long: All data is stored for a period in line with statutory UK law for client data retention.

3.5 Entertainer Account Information

What: Your home address, your email address, your name, your professional name, your contact telephone number, details of your act, your publicity photographs, publicity videos or audio recordings and your bank or payment details.

Why: We store these details so that we may provide you with work as a professional entertainer.

How Long: All data is stored for a period in line with statutory UK law for client data retention.

Where: We store this information on our office computers within a password protected software namely agent 2000. Our computers are also password protected with a secure password and the latest firewalls and anti-virus technologies. We may publically display information about your act including photographs of you and any video or audio recording of your act on our website at tott.co.uk. We may also share images in the form of posters and any demo materials with other agencies and venues.

3.6 Associated Agents Information

What: Your business address, your email address, your name, your company name, your contact telephone number, details of your acts, your acts publicity photographs, publicity videos or audio recordings and your bank or payment details.

Why: We store these details so that we may effectively engage in business with other agencies and provide work for their artistes.

How Long: All data is stored for a period in line with statutory UK law for data retention.

Where: We store this information on our office computers within a password protected software namely agent 2000. Our computers are also password protected with a secure password and the latest firewalls and anti-virus technologies. We may publically display information about your acts including photographs of them and any video or audio recording of their act on our website at tott.co.uk. We may also share images in the form of posters and any demo materials with other agencies and venues. We assume that you have explicit permission from your acts to share their publicity and contact details to facilitate the granting of bookings in our venues.

3.7 Email Sent Directly To Or From Our Email Addresses

What: All emails sent either to our email addresses at tott.co.uk.

Why: In accordance with UK laws regarding email retention for business.

How long: This data is deleted after five years.

Where: We store this information securely on our business email server at 3001web.com (see third-party providers.)

3.8 Email Address Book

What: Your name and email address.

Why: To be able to communicate with you quickly and effectively by email.

How long: This data is deleted on termination of our contract with you or if you request that we remove it.

Where: We store this information securely on our business email server at 3001web.com (see third-party providers.)

3.9 Payment Data And Financial Information

What: Your bank account name, bank sort code and bank account number

Why: To be able to settle billing related transactions related to our business with you.

How long: This data is retained in line with UK statutory law.

3.10 Backups

What: Our web host takes daily backups of our site and all its data in all formats which are stored remotely.

Why: For recovery purposes if our site gets damaged, hacked or in the case of hardware failure resulting in data loss or damage.

How Long: These backups are kept for three days then automatically deleted. They are stored securely by our web host.

Where: Our host stores this information on their secure Google Drive account in the UK. See third-party providers for details on how they protect your data.

5. Third Party Providers And Data Processors

Some of the services we use may process, store or have access to your data to help us run our service to you. We have no control over their processing or data storage however they are all reputable and data protection focussed companies that have been vetted by us. The companies we use are as follows;

3001web.com See Privacy Policy
Google See Privacy Policy
Barclays Bank See Privacy Policy

5.1 Who Else We Share Data With.

ENTERTAINERS
Publicity materials for entertainers including posters, photographs, audio and video recordings will be shared with other agencies and venues at our discretion to be able to provide you with work. Your contact details may also be shared with agencies and venues to facilitate communication regarding any booking.

ASSOCIATED AGENCIES
Your agency name and contact number may be provided to our acts or venues to facilitate contact concerning bookings.

VENUES.
Your venue name and address and or telephone number will be provided to entertainers booked into your venue and their respective agents.

6. How We Protect Your Data

6.1 Data Stored On Our Website

Data is encrypted when sent between your devices and our website using 256bit encryption provided by SSL certificates issued for our own site.
Our web hosts servers have regular security checks and hardening performed on them by their server administration team.
Our web hosts servers contain (among others) the following security protocols;
cPHulk brute force protection to protect against brute force attacks
Mod Security
PHP open_basedir Protection
CageFS is enabled This provides filesystem-level protections for our site.
Apache Symlink Protection: CloudLinux protections are in effect ensuring each hosting account is caged and totally separate from other accounts on our cloud.
CSF firewall is installed, and LFD is running.
System kernels are updated instantly as released.
The MySQL port is blocked by the firewall, effectively allowing only local connections.
Password strength requirements are strong at both server level and admin areas for our site.
Outbound SMTP connections are restricted.
Php versions upgraded regularly as soon as they are stable.
Our site is monitored by 3001web for out of date or no longer supported plugins, themes and core code. Any outdated plugins or theme are updated immediately

6.1 Data Stored On Office Computers

Information on our office computers is stored in password protected software namely agent 2000. Our computers are also password protected with a secure password and the latest firewalls and anti-virus technologies.

7. Data Breaches

We will report any unlawful data breach of the tott.co.uk database or the database(s) of any of our third party data processors. This will be reported to the ICO in the UK. The report will be submitted within 72 hours if we can establish that personal data was accessed or stolen. In the event that personal data was accessed and in accordance with the GDPR rules we may also inform the data subject (you).

8. Name And Address Of The Controller

The controller for the purposes of the General Data Protection Regulation (GDPR) And The UK Data Protection Act (DPA) is:

John Clayton

10 Harrison Road, Crofton, Wakefield, West Yorkshire. WF41ND

Phone: 0800 169 5293

Email: accounts@tott.co.uk

Website: https://tott.co.uk

9. Name and Address of the Data Protection Officer

The Data Protection Officer of the controller is:

John Clayton

10 Harrison Road, Crofton, Wakefield, West Yorkshire. WF41ND

Phone: 0800 169 5293

Email: accounts@tott.co.uk

Website: https://tott.co.uk

Any data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.

10. Cookies

The website of tott.co.uk uses cookies. Cookies are text files that are stored in a computer system via an Internet browser.

Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate your browser from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified using the unique cookie ID.

Through the use of cookies, tott.co.uk can provide the users of this website with more user-friendly services that would not be possible without the cookie setting including our favourites functionality.

By means of a cookie, the information and offers on our website can be optimised with the user in mind. Cookies allow us, as previously mentioned, to recognize our website users. The purpose of this recognition is to make it easier for users to utilise our website. The website user that uses cookies e.g. does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user’s computer system. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles that a customer has placed in the virtual shopping cart via a cookie.

You, of course, may, at any time, prevent the setting of cookies through our website by means of corresponding settings of your Internet browser, and deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programmes. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in your browser, not all functions of our website may be entirely usable.

11. Your Rights As A Data Subject

GDPR and DPA give you the following rights to do with the data we store on you.

The right to be informed.
Put simply you can ask our data controller why we store your information and what we use it for. However, that is openly discussed above.

The right of access
You have a right of access to that data to look at it. If you want to see what data we hold on you please contact our data protection officer and request a copy.

The right to rectification
If any of the information we hold about you is incorrect you have the right to have it amended. You can ask our data controller to edit for you. Obviously, we will need to verify your identity before we edit any of your information.

The right to erasure (right to be forgotten)
You have the right to have all data we have on you erased. This, in the case of tott.co.uk, would mean you terminating your professional relationship with us including the cancellation of any existing bookings, as without that basic data we cannot provide our services. There is SOME data that can NOT be erased even on request as we are required to keep it by statutory law in the UK. EG financial transactions and invoices which we are legally obliged to store for five years after the end of the financial year they occur in. Emails we are bound to store for a period of three years. Statutory law trumps any privacy law in most countries. You can ask our data controller if you would like to exercise your right to be forgotten, obviously, we will need to verify your identity before we edit any of your information.

The right to restrict processing
If you want to restrict us from processing information that is incorrect until it is corrected. If you close your account with us but would like us to still let you have access to the data for your accounting, in this case, it would be stored but not processed. When processing is unlawful and you oppose erasure and request restriction instead. If we no longer need your personal data but you require the data to establish, exercise or defend a legal claim.

The right to data portability
The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services.
It allows you to move, copy or transfer personal data easily from our site to another company in a safe and secure way, without hindrance to usability.

The right to object
You have the right to object to the processing of your data for the following purposes;
Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
Direct marketing (including profiling); and
Processing for purposes of scientific/historical research and statistics.

tott.co.uk does not currently process data in any of these ways.

Rights in relation to automated decision making and profiling.
tott.co.uk does NOT employ automated profiling in any way.

12. Lawful Basis For The Processing Of Your Data

We need to process your personal data to offer our services as an entertainment agency in the UK. Your legal name and legal address are required to comply with UK tax laws which supersede data protection laws. Your contact details such as email or telephone numbers are required to be able to provide our contractual services to you whether those contracts be verbal or written.

13. Changes to this policy

This privacy policy was created by tott.co.uk on 16th April 2018. We may change this policy at any time. Changes will be notated below. It is your responsibility to check this privacy policy regularly for changes.