Our Privacy Policy

1. We do our very best to protect your privacy by using security technology appropriately. This means:
   1. we make sure that we have appropriate security measures to protect your information; and
   2. we make sure that when we ask another organisation to provide a service for us, they have appropriate security measures.
2. We will respect your privacy.
3. We will collect and use individual user details only if we have your permission or we have sensible business reasons for doing so, such as collecting enough information to manage and post out any purchases you make.
4. We will be clear in our dealings with you as to what information about you we will collect and how we will use it.
5. We will use personal information only for the purposes for which it was originally collected and we will make sure we delete it securely within the relevant legal limits. For example we are required to keep information about our financial activity for 7 years.
6. Our site is accessible via the internet. This means that people around the world who access our website can see anything you post on the website, for example, comments about an article.
7. If we or our service providers transfer any information out of the European Economic Area (EEA), it will only be done with the relevant protection (stated under UK law) being in place.

Other than the default cookies set by the server, this website does not set any tracking cookies on your device and does not store any identifying information about you.

We do gather web statistics using the Plausible.io system which is GDPR compliant and does not use Cookies.

We have a shop and shopping cart system. If you add something to your basket then three cookies will be added to your device to maintain your link to the shopping cart.

They are called customerID, customerCode and shoppingCart. They are considered essential cookies for the working of the website and none store any identifying data about you. If you can see a Shopping Cart button at the top left of this screen it means these cookies are set. You can delete them by emptying your basket.

Because of this there is no cookie consent system on this site.

We do not knowingly collect or store any personal information about children under the age of 16.

We will not share your personal information with others for marketing purposes unless you have given us your permission. If we have your permission, we will share your information only with other organisations we have chosen carefully.

We may make other organisations’ services available, through our sites, although we are not necessarily operating these sites. Information these other organisations collect is governed by their own privacy policies.

We can access and release personal information to keep to relevant laws and government requests, to operate our systems properly and to protect both us and our users.

Any other organisations who access your information in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your information and keep to data-protection and privacy laws which apply. We may also independently audit these service providers to make sure that they meet our standards. We may use service providers to help us run these sites (or services available on the sites), some of whom may be based outside the EEA.

Some of our webpages may use plug-ins from other organisations (such as the ‘Facebook Recommend’ function). Where these exist, these other organisations may use information about your visit to our websites on their pages. If you browse these pages while still also logged in to your account with us, information they collect may be connected to your account on their site. For more information on how these organisations use information, please read their privacy policies.

Under the UK Data Protection Act 1998 we have to say who the ‘data controller’ is for our Highland Music Trust website and services provided through our website. The data controller is the Highland Music Trust, c/o TMSA, The Signal Box, 5 Appin Lane, Edinburgh EH14 1JL.

If you would like access to or a copy of the personal information we hold about you, to request a correction, or have any questions about how we may use it or to make a complaint, please contact the Data Protection Manager at email office@highlandmusictrust.org.

Complaints will be dealt with by the Data Protection Manager, and will be responded to within 30 days at the latest.

If you are not satisfied with the way your complaint was handled, you may 
be able to refer your complaint to your local data protection regulator. For example, in the United Kingdom this is the Information Commissioner’s Office, and in Australia is the Office of the Australian Information Commissioner.