Research Privacy Notice

Who are we and why do we use data?

If you’re not an organisation working in arts and culture, you probably won’t have heard of us. At thrive, we are a publicly funded charity that helps cultural organisations understand their audiences, ensuring the experiences they provide are as relevant as possible to you and other customers. We do this using research and data.

What does that mean for you and your data?

Sometimes cultural organisations give us access to the data they already have on audiences so we can do research on their behalf. If you’ve booked a ticket or engaged with a cultural organisation before, your personal contact data may be present in the data if they have asked us to work for them.

At other times, we’re asked to collect new data for cultural organisations. As part of this, we would pass the personal details of research participants back to the cultural organisation - but only if the participants have given us permission to do this. If you’ve agreed to take part in a survey or a focus group, you will have been given the option to provide your details during that process.

If your personal contact details are included in any data we use, protecting that information is very important to us.

What is the rationale for processing your data?

At thrive, we process personal data/information for certain legitimate business purposes which include undertaking research to;

• Better understand where current arts audiences come from, who is engaging with arts and culture and where the greatest potential is to find new customers.
• Better understand patterns and trends in arts and cultural engagement to help build longer and stronger relationships with existing customers.
• Better understand the impact of marketing and social media on arts and cultural engagement

Engagement with arts and cultural organisations delivers health and well being benefits to participants with minimal risk of harm, making research to widen and deepen engagement in arts and culture in the interests of all parties involved.

How do we treat your personal data in our research?

To safeguard your data, we use appropriate technical, organisational and administrative security measures to protect any information we hold. These methods are trying to prevent inappropriate loss, misuse, unauthorised access, disclosure, alteration and destruction.

We also ensure that any data we collect is gathered in line with the Code of Conduct of the Market Research Society. That includes not interviewing under 16s without putting in place the required additional safeguards to protect children.

What won’t we do with your data?

• We won’t sell your data on to anyone else.
• We won’t ask for more information than we need.
• We’ll never collect credit/debit card information.
• We won’t contact you without your permission.
• We won’t use your data for anything except for what we’ve been asked to do.
• We won’t keep your data forever. If we’re doing work for a client, once a client has received their findings, we’ll delete the records used containing personal data within 2 months. Alternatively, if you’ve given your data directly to us as part of one of our own projects, we’ll keep your data for up to 3 years.

What tools do we use?

To collect survey data, thrive use SurveyMonkey. While SurveyMonkey are US based, they are signed up to the EU-US Privacy Shield and meet the legal obligations around GDPR. You can read more about this in SurveyMonkey’s privacy policy.

Access to Your Personal Information

You are entitled to access the personal information that we hold. Email your request to our data protection officer Sarah Blake Knox. If you have any issues with how we process data, you have the right to raise a complaint with the Information Commissioner’s Office.