Privacy Policy

Who we are
What we do
Information we collect
The lawful basis under which we process your data
How We Use Your Information
Sharing Your Personal Information
How We Protect Your Information
Your rights with regard to your data


This Privacy Notice describes the manner in which all venues operated by Trafalgar UK Theatres Limited gather, use, store, process and disclose the personal data of users of our services.

This notice sets out:

  • The information we may gather from you or ask you to provide,
  • The legal basis under which we may process your information,
  • How we may use that information to carry out our business,
  • Under what circumstances we may disclose your personal information to third parties,
  • Details of how we keep your information secure,
  • Your rights in relation to accessing data we may hold about you.

We are committed to protecting your personal data and to being transparent about the data which we hold about you and our use of it. 

Who we are

Trafalgar Theatres Limited (company number 08386064) manages and operates a number of venues on behalf of Local Authority clients including the venue to which this Privacy Notice applies.  Our parent company is Trafalgar Entertainment Group Ltd.

Parts of our Education and Outreach Programme are delivered by HQ Theatres Trust which is a registered charity (company number 07739274; charity number 1145989).

In respect of any personal information we hold about you the data controller is Trafalgar Theatres Ltd.

What we do

We promote and present arts & entertainment events, provide venue hire, workshops and ticketing services as well as a range of ancillary hospitality services connected with a visit to one of our venues.

Information we collect

Personally Identifiable Information

When you interact with us we collect, store and process data through which you may be personally identified.

Examples of when this might occur include:

  • when you make a booking online, by telephone or in person,
  • when you visit one of our websites,
  • when you make a visit to one of our venues,
  • when you ask us to send you information for example signing up to our mailing list,
  • when you join our membership scheme or register for other services we provide,
  • when you download or install one of our apps,
  • when you interact with us on social media,
  • when you correspond with us, for example to make a complaint or complete a comment card,
  • when you enter a competition or a prize draw we are promoting,
  • when you complete a survey or questionnaire,
  • when we require you to complete any documentation, for example an accident form.

The type of information we may collect and process includes, for example

  • your name and address,
  • your telephone number(s),
  • your email addresses,
  • your IP address,
  • information related to the purchase you have made which may include card details,
  • your personal image (for example where a CCTV recording is made on our premises),
  • your date of birth, for example if you are taking part in a workshop or other event,
  • information about the way in which you interact with us; for example whether you have clicked links on our emails, or whether you have responded to a mailing we have sent to you.

In most cases this will be information you provide to us in the course of your interaction with us but from time to time it might be information we gather from you without your knowledge

Information we receive from third parties

From time to time we may receive and process information about you from third parties.  For example, we may use third parties to verify your address details or to provide general research information about you compiled using publicly available data. 

Non-Identifiable Information we may process

We may also process information about you from which you cannot be personally identified.  This includes:

Log Files

Each time you visit our websites, log files are generated on the servers

Information that may be recorded includes the time and date of your visit, the files that were requested, your IP (Internet Protocol) address, the referrer website address (if provided) and the browser version.

We collect this anonymised information to help us better understand how you interact with the site, to allow us to diagnose problems, administer our systems and to audit the geographical make-up of users and how they have arrived at our site. 


We use cookies when you visit our websites.  Cookies are small pieces of information that are stored by your browser on your computer. They make it possible for us to provide our online ticketing service and track visitor statistics such as returning visitors, as well as to make sure our website is effective and accessible for all our customers. 

We may use online advertising to promote the venue based on actions you take on our websites, such as visiting a particular page, in a practice called remarketing. Where remarketing is undertaken our third-party suppliers may use cookies. Opt out information can be found by visiting the Network Advertising Initiative opt out page   .

Find out more about the cookies we use

Sensitive Personal Data

Data Protection law sets out certain categories of data which are considered particularly sensitive.  This includes information related to health-records, race, religious beliefs, trade union memberships and political affiliation.  We do not usually collect this information from our customers unless it is absolutely necessary to do so.  If it is necessary we will always seek your explicit consent. 

The lawful basis under which we process your data

There are three lawful bases under which we may process your data:


When you purchase goods or services from us you are entering into a contract with us.  In order to undertake our responsibilities with regards to that contract we need to store and process your personal information.  For example we may need to post your tickets to you or we may need to contact you in relation to a booking you have made or where a show or event is subsequently cancelled. 

Legitimate Interest

We may process your personal data for our legitimate business reasons.  This will most likely occur where there is a clear reason for doing so, where there is a benefit to you, where we consider that you would reasonably expect the processing to take place and where we judge there to be a limited impact on your privacy.   


Where the above bases are not considered to be appropriate reasons for the processing of your data, but where processing still needs to take place, we will seek, record and maintain your explicit consent before undertaking any processing.      

How We Use Your Information

We may process and use your personal information in a variety of ways, including for the following purposes:

  • To process orders for theatre tickets/services
  • To personalise your experience
  • To process payments
  • To promote future events, the venue and services we provide based on data we hold about individuals and representative consumer(s).


For all communications related to a booking you have made, an event you are attending or a membership you hold the legal basis under which we process your data is contractual.  This would include contacting you, for example, in relation to a cancelled performance.

We use our legitimate business interests as the legal basis for marketing communications about our venues, products, services and future events. We will send information that we consider to be of interest and benefit to you in line with the contact preferences that you have communicated to us. If at any time you wish to unsubscribe from receiving future communications you can do so via the unsubscribe link at the bottom of each email communication.

Your contact preferences can also be updated online at any time or by contacting the Ticket Office or other point of sale in person or by telephone.

Profiling, analysis and research

We may profile your data for research and analysis purposes and in order to ensure we are sending information that is relevant to you. We may also analyse data we hold about you in order to identify and prevent fraud.

Retaining your information

We store your personal information for no longer than is required for the purposes for which it was collected.  Please be aware that the precise period may vary depending on your interaction with us and your relationship with us.
Once the relevant purpose has been satisfied we will delete or anonymise the information we hold about you unless the law requires us to retain a copy.  

Sharing Your Personal Information

We do not sell, trade, or rent identifiable personal information to others without your consent except to the extent required by law. 

However, we may share your data with the following categories of companies as an essential part of providing you with relevant products and services:

  • Other group companies within Trafalgar Entertainment Group.
  • Other venues within Trafalgar Theatres
  • Third party service providers to help us operate our business; for example sending out mailings, providing ticketing services, payment processing partners or analytics.
  • Government bodies and law enforcement agencies

When we use third-parties, their access to your personal data is specifically restricted to the contracted purpose for which the data is provided and we take all reasonable steps to make sure the processing complies with our Data Protection Policy, our Privacy Notice and applicable laws.

From time to time we may be asked to provide your data to a specific named visiting company whose performances you have attended at one of our venues.  We will always ask for your explicit consent before doing so.

How We Protect Your Information

Protecting your data is important to us.  We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username/password and transaction information.

Data exchange between you and our website happens over a SSL secured communication channel and is encrypted.

We take every precaution to protect your information and are fully PCI DSS (Payment Card Industry Data Security Standard) compliant. To this end all personal information stored by us is kept on servers in a secure environment. Only employees and approved contractors/developers we may appoint from time to time and who need the information to perform a specific job are granted access to personally identifiable information.

We regularly review policies and procedures to ensure that our systems remain safe and secure for your protection. We will not transfer,  process or store your data anywhere that is outside of the European Economic Area.

Your rights with regard to your data

You have certain rights with regard to the storage and processing of your personal data including the right to request that we:

  • provide you with a copy of the personal information we hold;
  • update your personal information where it is out-of-date or incorrect;
  • erase personal information we hold;
  • restrict the way in which your information is processed;
  • consider any valid objections to the processing of your personal information; and
  • provide information about you to a third party provider of services (where the Company’s lawful basis for processing is your consent).

If you wish to exercise any of these rights, you must submit a request in writing to the email address below.   We will respond to your request including providing information about whether the rights apply in the particular circumstances under which you are making the request). We may require additional information from you in order to respond to your request and we may levy a fee in some circumstances.


You also have the right to make a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of Data Protection law with regard to your personal data. 

Further information can be found at .

This policy was last updated on 30 March 2021.