Privacy Policy

Privacy Policy (Version 21 May 2018)

GDPR is an important change in government legislation regarding data protection and stands for The General Data Protection Regulation. It effectively provides an update to the Data Protection Act, bringing in new requirements and increasing the penalties for breaches. Any organisation that is required by law to comply with GDPR must do so by the 25th May 2018 at the latest. This law doesn’t only cover businesses, but sports clubs, charities etc – basically any organisation that handles personal data. 

GDPR will impose strict controls on how all organisations collect and process personal data within the EU and/or personal data of EU citizens. The UK is expected to enforce the full range of GDPR requirements. 

The regulation outlines six key principles for organisations that process individuals’ personal information. These are that data shall be: 

  1. processed lawfully, fairly and transparently 
  2. collected for specified, explicit and legitimate purposes 
  3. adequate, relevant and limited to what is necessary for processing 
  4. accurate and kept up to date 
  5. retained only for as long as necessary 
  6. processed in an appropriate manner to maintain security 

Right to be forgotten 

If you do not wish to be contacted by the Dundee Mountain Film Festival and wish to have your details removed, then you can do so by sending an email to ​

How you can access and update your information 

The accuracy of your information is important to us. If you change email address please let us know by sending an email to ​ If a mailshot returns an ‘address not recognised’ or ‘invalid’ we will automatically delete the email address from our database. Alternatively you can just register your new email address on our Contacts page on our website.

If you change home address, and you receive a paper copy of our brochure, you can let us know of your new address by sending an email to . You can also contact this email address if you wish to be removed (or added) from/to our mailing list.

You have the right to ask for a copy of the personal information Dundee Mountain Film Festival hold about you. 

Security precautions in place to protect the loss, misuse or alteration of your information 

Non-sensitive details e.g. email are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. 

Use of ‘cookies’ 

Like many other websites, Dundee Mountain Film Festival’s website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. 

Links to other websites 

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website. 

In addition, if you link to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site. 

16 or Under 

We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ we will not process your data, unless it is provided by a parent or guardian. 

Review of this Background and Policy

We keep this Policy under regular review. This Policy was last updated May 2018. 

This Policy sets out what we do with Personal Data and what you can expect from us as part of our obligations when processing this Personal Data. 

What data are we gathering? 

We may hold Personal Data about potential audiences and volunteers. We believe it is important to be open and transparent about how we will use your Personal Data. Information we may hold includes the following: 

●  name and contact details;  

Why do we collect this information? 

We use this information to communicate with you and to carry out our obligations as the committee of the Dundee Mountain Film Festival. The list of activities we carry out that may require the use of Personal Data include: 

●  To inform you of events organised by the Dundee Mountain Film Festival

●  To update you on significant changes in the programme of the festival 

How do we gather data? 

We gather data through a variety of methods, these include: 

  • Contact form on our website or by email
  • Feedback forms
  • Ticket application forms (paper)
  • Ticket application information (Eventbrite)

When will we delete this data? 

We may keep information for different periods of time for different purposes as required by law or best practice

Feedback forms – these are shredded once the information is transferred to the email database if permission has been given to do so.

Ticket Application forms (paper) – these are shredded once the addresses are transferred to our mailing list if permission has been given to do so.

Ticket Application forms (Eventbrite) – Eventbrite provides full details of how it uses your personal data (as a Consumer) on its own privacy notice.

Email data base – This is held securely within Mailchimp. It is routinely cleansed of all unsubscribed and invalid email addresses. Any emails that we send you through Mailchimp will have an unsubscribe link.

Who has access to this data and who do we share it with? 

Only those members who need information to carry out their role of sending emails or mailshots have access to that information. 

We do not store credit card details, nor do we share data with third parties. 

Where will the data be stored? 

The data is stored on a laptop computer belonging to one of the Festival Committee. This is backed up on an external drive.

What are your rights to your Personal Data 

As a Data Subject you have rights over your own data that you can exercise at any time, these are: 

●  Data is accurate – we must keep your data accurate 

●  Data is erased – we must erase data if not needed or requested by you

●  Data is portable – we must provide a copy of your data back to you 

●  Consent withdrawal – we must allow you to withdraw consent at anytime 

In the event that you wish to contact us to exercise these rights or for any further queries on this Privacy Notice please contact ​ 

If  you  are  dissatisfied,  you  have  the  right  to  raise  a  complaint  with the Information Commissioners  Office  at

Social media & sharing icons powered by UltimatelySocial