Privacy Policy

At City of London Sinfonia (CLS), we promise to respect any personal data you share with us or that we obtain from other organisations and to keep it safe. We aim to be clear about the way we process your personal details, including when and how we collect your data and to only use it in ways that you would reasonably expect.

When processing your personal data, we always have your best interests at heart. We will only send communications to people who have demonstrated an interest in our activities (for example, marketing and fundraising information) and customers will be given clear means to opt-out of any such communication. Our communications include information about our performances, how to book tickets, participation projects, ways you can support and be involved in the Orchestra and opportunities to experience events by our partners and arts associates.

Developing a better understanding of our supporters through their personal data allows us to make better decisions on programming and marketing, to fundraise more efficiently and, ultimately, to use music to transform people’s lives across all areas of society.

There are lots of benefits to registering with City of London Sinfonia and we encourage you to update your contact and marketing preferences regularly to make the most out of our opportunities. If you are not currently registered and would like to receive such communications, you can register on our website at any time.

1. How we collect your personal information

We collect data that is necessary for our main business activities and use it in a way that is appropriate to the data processing activity with which it is associated. The type of personal data and quantity of information we collect from you and how we use it depends on why you are providing it.

We collect information about you in the following ways:

  • Directly from you via our website, by email, over the phone or in person: when you give us your information to attend one of our concerts, sign up for one of our events, make a donation, purchase tickets or communicate with us
  • From someone else (such as a friend or family member) who has bought tickets, merchandise or a membership on your behalf, either as a gift or with your permission

Your online account at allows you to:

  • Purchase tickets or merchandise
  • Join one of our membership schemes (such as CLS Friend or CLS 5IVER)
  • Make a donation
  • Register for special interest lists (such as ticket deals or information about concert seasons)
  • Access exclusive content

We may combine certain information you provide to us (such as postcode area or events attended) with information available from external sources (such as the Association of British Orchestras or the Audience Agency). We do not share the information you provide to us with these organisations but combine their data with ours to establish a better understanding of our supporters and therefore improve our fundraising methods, products and services.

The information we collect from other organisations may depend on your privacy settings or the responses you give to them, so you should regularly check your preferences with them. This information comes from the sources outlined below.

1.1 Third-party organisations

We may have acquired your information from a third-party organisation if you have provided permission for another organisation to share your data with third parties, including charities and arts organisations. This could be when you attend an event with one of our partners or register for a competition.

1.2 Social Media

Depending on your settings or the privacy policies for social media and messaging services such as Facebook, Instagram and Twitter, you might give us permission to access information from those accounts or services and allow us to contact you.

1.3 Information available publicly

We collect information about individuals and organisations from resources that are made available to the public to help us reach more people in our sector, to find relevant and interested audiences, and to get in touch with people who could assist us in furthering our main business activities. These resources include public websites (such as Companies House) and information that has been published in articles, newspapers and blogs.

As with most websites, we use cookies to help us make our website and the way you use it better. Cookies mean that a website will remember you. They are small text files that sites transfer to your device (computer, phone or tablet). They make interacting with a website faster and easier — for example, by automatically filling your name and address in text fields.

In addition, the type of device you are using to access our website or apps and its settings may provide us with information about your device, including the software it uses and the type of device you are operating (for example, a smartphone with iOS software) and when and why a crash or breach may have happened. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.

2. How we process your data

For most of our activities, we process data when we believe that we have a legitimate interest to do so, and/or if it is necessary for the performance of a contract with an individual or to comply with the law. In certain circumstances and if you are a new or potential supporter, we may ask for your consent.

2.1 Data we collect and how we use it

If you support our organisation (for example, by making donation, signing up for an event or buying tickets to a concert), we will usually collect:

  • Your full name
  • Your contact details (such as email address, phone number, and billing and delivery addresses)
  • Financial information (such as bank or credit card details)

Where it is appropriate, we may also ask about:

  • How you found out about City of London Sinfonia
  • Other arts and culture events you attend or are interested in
  • Your date of birth or age group (for instance, when registering to be part of our CLS 5IVER ticket scheme for 16-25s or when completing an audience survey)
  • The name of the educational institution you belong to and when you will graduate (when registering to our student scheme)

Generally, we will use your data to:

  • Provide you with the services or information you asked for
  • Administer your donation or support your fundraising (including processing Gift Aid)
  • Keep a record of your relationship with us
  • Ensure we know how you prefer to be contacted
  • Understand how we can improve our services or information

Where necessary for the performance of a contract or where we have a legal obligation to do so, we will use your data to contact you about the following activities:

  • To verify details about your order, including number of tickets, the amount you wish to donate and your payment information
  • Confirmation and fulfilment of your event booking, merchandise, membership or donation
  • Administration of your registration to our website or ticket schemes
  • Records and notifications of transactions, such as failure or receipt of a payment
  • To inform you about important pre-event information, including changes to an event (such as change of date, time or venue or event cancellation) and access information
  • To contact you about enquiries (such as complaints or access requests) you have made with us or in relation to our organisation and to inform you of procedures, progress and outcomes

It is in our supporters’ interests, including those of an individual or organisation, to know more about our organisation, particularly in relation to their selected preferences. Where we have a legitimate interest and justifiable reason to do so, we will use your data to:

  • Send you promotional materials, messages and information about our organisation by post or email, according to your preferences
  • Send you information about how to support the Orchestra by post, if post is one of your preferred forms of communication
  • Call you about upcoming events, projects and opportunities to be involved with the Orchestra, depending on your contact preferences
  • Contact you about opportunities to work with our organisation
  • Learn about your interests so that we can contact you with information that is relevant; to help us target our marketing communications so that they remain relevant to you
  • Classify our audience into segments and groups, using booking and publicly available information, to help us better understand our audience and ensure we are sending relevant messages to the appropriate groups
  • Measure and understand how our audiences respond to a variety of marketing activity so we can ensure our main business activities are efficient and effective
  • Undertake consumer research through focus groups, online surveys, written evaluation forms or telephone communications: we may contact you to ask you to participate in consumer research either via an online or telephone survey or in person.
  • Analyse and continually improve the services we offer, including our artistic output, our website and our other products
  • Detect and reduce fraud and credit risk

2.2 Building profiles of supporters and targeting communications

We use profiling and screening techniques to ensure communications are relevant and timely, and to provide an improved experience for our supporters. Profiling also allows us to target our resources effectively, which donors consistently tell us is a key priority for them. We do this because it allows us to understand the background of the people who support us and helps us to make appropriate requests to supporters who may be able and willing to give more than they already do. Importantly, it enables us to raise more funds, sooner, and more cost-effectively, than we otherwise would.

When building a profile, we may analyse geographic, demographic and other information relating to you, so we can better understand your interests and preferences and to contact you with the most relevant communications. In doing this, we may use additional information from third-party sources when it is available. Such information is compiled using publicly available data about you (for example, addresses, listed Directorships or typical earnings in a given area).

2.3 Direct Marketing

You are in control of the data we hold about you and how we use it. However, there are some communications (detailed above) that we may need to send you regardless of your marketing preferences, so we can fulfil our contractual obligations with you.

Direct marketing is the use of promotional tools (such as letters and advertising) that make use of personal data to address them to specific individuals. Before we contact you directly, we will screen the Mail Preference Service and Telephone Preference Service to ensure that we are contacting you on a lawful basis.

If you have registered for an account with us and we believe there to be a legitimate interest by which to contact you, we will keep you informed about projects and performances and let you know about the progress we are making. We may also ask for donations or other support. Occasionally, we may include information from partner organisations or organisations who support us in these communications.

We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing preference questions and we include information on how to opt out when we send you marketing messages. If you don’t want to hear from us, that’s fine. Just let us know when you provide your data or contact us by email at info(at) or phone on 020 7621 2800. Our opt-out lists are regularly screened, so you can trust that we will not contact you from that point on.

2.3.1 Electronic communications

We use electronic communications (such as phone, email, text, Whatsapp and direct messages via social media) to carry out a lot of our marketing activities and bring our supporters more chances to experience music with our musicians.

We include an option for our existing supporters to opt out (or unsubscribe) in all marketing and fundraising messages when processing your data via any form of electronic communication. If you are a prospective or new customer, you must opt in (give us consent) to receive messages by email or phone. You can do so by logging in to your CLS account and updating your contact preferences.

We do not record any incoming or outgoing phone calls for any business activities and would only ever do so if we had your prior consent.

2.4 Sharing your experience

Some people choose to tell us about their experiences to help further our work. They may take on a role as a guest writer for our blog, voice opinions on our media (for example, in a podcast or video or as a Facebook or Google review) or provide testimonials and quotes for the evaluation of a project or performance. This may include sharing sensitive information related to their own personal experiences in addition to their biographical and contact information.

If we have the explicit and informed consent of the individuals, or their parent or guardian if they are under 18, this information may be made public by us at events in materials promoting our campaigns and fundraising work or in documents such as our annual report.

2.5 Children’s data

We do not collect, store or use children’s personal data. Our events have specific rules about whether children can participate, and we will only ever use children’s data (such as name and age) as required in practice by people who have DBS certification.

When necessary and possible, we will seek consent from a parent or guardian before collecting information about children. Safeguards are in place to ensure that our marketing materials, messages and communications are appropriate and do not put children at risk.

Children who choose to register for an account with us, or whose parent or guardian has registered on their behalf, have the same rights to adults to know about how we process their data.

3. How we keep your data safe and who has access

Your personal data is safe. We store it on encrypted devices and online systems and have procedures in place to ensure the security of your data. We have appropriate technical and organisational measures in place to ensure the safety and security of your personal details. These are secured, maintained and reviewed regularly by members of our Executive Team, by whom the data is processed when necessary and for purposes that we have outlined.

External evaluators collect or process personal data on our behalf and we do comprehensive checks on these companies before and for the duration of working with them, putting a contract in place that sets out our expectations and requirements about data security. In addition, our online forms are encrypted, and our network is secure and routinely monitored. You can read more about our data processors and their privacy policies on their websites.

We do not store card details on our online systems if you are a supporter and customer. Paper copies (for instance, membership forms) are shredded once the details have been processed. Card details would only ever be stored if necessary for performance of a contract (for instance, to pay musicians).

We undertake regular reviews of policies, procedures and processors. We also document who has access to information that we hold and carry out formal training to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.

3.1 Sharing your data with others

Where necessary for the purposes of our activities and when it is in your interest, we may share some of your personal details with other organisations or individuals in the following ways:

  • We may need to disclose your details if we are legally required to do so; at the request of the police, regulatory bodies or legal advisors
  • To identify patterns of customer behaviour and location through third-party advertisers (such as Facebook, Instagram, Google or other charities and arts organisations) and to show you relevant advertising those platforms – the information shared with these platforms is pseudonymised to protect you
  • To send emails through our third-party email system (a data processor with whom we have a contract) to individuals and organisations who have consented to regular postal or electronic communications about our organisation
  • To inform trustees and members of staff about guests coming to performances, participation projects or bespoke events
  • For evaluation of our participation projects and performances

We do not sell to or share personal details with third parties for the purposes of marketing and fundraising. We would only ever share your data in other circumstances if we have your explicit and informed consent. For instance, we may need to share some of your personal data (usually your name) if we run an event in partnership with another named organisation – this would usually be necessary, under a contract basis, if you need to collect your tickets at a venue box office. We will always be clear what will happen to your data when you register.

If you access other websites from links on our site or other public online services (such as our social media profiles), we cannot accept responsibility for the privacy notices and practices of the other websites. We also cannot guarantee that your connection is secure when accessing the internet or another digital network. You should therefore put your own security measures in place.

3.2 International transfers

Some of our suppliers run their operations outside the European Economic Area (EEA). Although they may not be subject to same data protection laws as companies based in the UK, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us, you agree to this transfer, storing or processing at a location outside the EEA.

3.3 How we deal with data breaches

We take data breaches very seriously and strive to address concerns efficiently and effectively once the breach has been reported. If we believe there to be a serious (high-risk) data breach that affects your personal data, we will contact you as soon as possible with details of the breach, what we are doing to resolve it and any actions you may need to take.

4. Keeping your information up to date

Where possible and appropriate, we use publicly available sources to keep your records up to date. We would really appreciate it if you could let us know about any changes made to your contact details or if you would wish to stop receiving communications from us.

You should find it easy to access and amend the personal information that we hold on you, or request that we stop contacting you. If you have an online account with us, you can amend your personal details and email contact preferences at any time. Simply sign in to our website and access your account. You can also contact our office by phone or send us a letter in the post.

5. Your rights

You have the right to know what and how much personal data we hold about you; to access and make changes to your own data; to object to how we are using your data, and to ask us to stop processing your personal data.

Every email we send to you will include details on how to change your communications preferences or unsubscribe from future communications. If we have processed your data in a way that is not necessary for the purpose you provided it to us, then please let us know.

You have a right to ask for a copy of the personal data we hold for you and necessary accompanying information. We have a legal responsibility to identify and respond to your right to access and will deal with an access request within at least one month starting from the day after receipt. In some cases, we may ask you to confirm your identity (for example, a copy of your passport or driving licence) when making your request. There may also be a small, appropriate administrative fee for manifestly unfounded or excessive requests, or if you request further copies. In these cases, the request period would start from the time we receive the additional information.

We keep your personal data only for as long as necessary for each purpose we use it, and will hold your data for up to six years unless otherwise advised.

If you want to amend your data or have it erased, and you have made an access request, the request must have first been received and resolved.

If you have any queries about this privacy policy, about how we process your personal data, or you wish to exercise any of your legal rights, you may contact our Head of Data with a description of the information you want to see by:

  • Email: info(at)
  • Phone: 020 7621 2800
  • Post: City of London Sinfonia, 1st floor, Radisson Court, 219 Long Lane, London SE1 4PB

6. Cookies

As with most websites, we use cookies to help us make our website and the way you use it better. Cookies are small text files that are placed on your device (computer, phone or tablet) and mean that a website will remember you. They make interacting with a website faster and easier — for example, by automatically filling your name and address in text fields, and also allow us to collect information about your online activity on our site.

When you first visit our website, you are given a choice between accepting all cookies or essential cookies only. Most browsers automatically accept cookies, but you can modify your browser to decline cookies. Please be aware that disabling essential cookies will affect the functionality of this site. Third-party cookies include, but are not limited to, Facebook, Instagram, Twitter and LinkedIn. We do not pass on any identifiable information to third parties.

7. Changes to this policy

This notice was updated in consideration of the new Data Protection Act coming into effect in May 2018. The section on cookies was added on February 2024 with the launch of our current website. We may change this Privacy Policy from time to time. If we make any significant changes in the way we treat your personal information, we will update it on our website and notify you of the changes.