We actually don't set any cookies ourselves or want any set due to you visiting our site. Cookies are often a vital part of how a website works & in future we may introduce their use to support your use of our site. At the moment we don't need them.
Unfortunately cookies are coming through via the Mixcloud players embedded towards the bottom of our page to let you play our DJ mixes (hosted on their site) in this site. We've tried to block these, but technically it doesn't seem possible to do this & still have the players work. There's an html (website stuff!) attribute “sandbox” we're using that some people say should block cookies, but doesn't (we have “iframe sandbox="allow-scripts"” set, which they say should allow the players to work, but stop cookies, it looks like these other people are right that sandbox can't block cookies & there isn't really a way to do this).
That left us a choice on whether to include the Mixcloud players or be cookie free. Our estimation is most people don't care much about this level of cookies (the 7 Mixcloud cookies concerned seem related to functionality, not advertising, tracking etc.) & including the Mixcloud players is worth the hassle of us having to give you a warning about cookies. We also reckon that most people want us to do this in a way that strikes a sensible balance between us fully meeting EU regulations & a decent experience in using our site, we believe what we're doing achieves that.
Mixcloud are not compliant with latest best practice in how they mark up their cookies, which is a nuisance for us in our regular use of tools to check our site is complaint, as it gives yellow warnings about them. But that's slightly irrelevant as they could correctly mark them “send our cookies EVERYWHERE” & that would be compliant. In fact it's slightly beneficial as (at time of writing) new versions of Chrome & Safari block the cookies due to this attribute not being set (so if you're using an up to date browser it's likely that you aren't in fact getting cookies from use of our site after all, despite our warning). One thing you can do is manage Mixcloud's cookies directly from their site. We're sorry that (actually for security reasons, designed to protect internet users) there's no way to control Mixcloud's cookies from our site, all we could do is not use Mixcloud at all & we've decided on balance we will continue to do so. Mixcloud also get a mention in the section “Copyright” below, in that case very much in their favour, adding to our rationale for continuing to using them.
Data That Amazing Thing! does not (as far we understand it) collect your personal data. As above we don't use website cookies to track you or collect data. We do get statistics from our web hosting company about things like the amount of people that use the site, what devices or browsers are used, what pages are visited, what pages “traffic” arrives from & when this all happens. But none of this is personalised.
Aside from our website & as a general organisational data/privacy statement we also believe it to be true we don't do much in the way of "holding data". There are likely to be e-mails from some of you out there in our inbox, this seems OK as you've explicitly sent us this & we get rid ASAP. We like the requirement to not hold the data past reasonable business use, it prompts us to be aggressive in clearing our e-mail!
We have our Facebook group, page & Instagram followers, but reckon any data passed as we jointly use those platforms is covered by Facebook's terms & your agreements to those. Not standing up for Zuckerberg here, but if he hasn't got the right permissions & protections for your data & privacy in place that's his look out, not ours.
Probably our biggest relations to personal data are through our e-mail mailing list & ticketing agents we use - in both cases 3rd party platforms (currently Mailchimp for the e-mail & Eventbrite for ticketing). In talking about Facebook above we say kind of “You're on that platform so its terms cover that use”, but we recognise that with the mail & ticketing platforms we have more responsibility. We're encouraging your use (e-mail) or pretty much forcing it (ticket sales) if you want to come an event we're using them for (though we usually offer the choice of giving one of us cash in person instead). Also (a good sign) as responsible platforms Mailchimp & Eventbrite themselves are very clear we have a duty to be careful about private data while using them. Here's a run down on us & your data on each of those services:
E-mail: The only thing hosted with Mailchimp is your e-mail address. Mailchimp has the facility to append your actual name (or whatever you tell them that is) to your e-mail, so you can get a nice personalised “Hello Francis” type mail, but we don't want this, we'd rather send something less personal & be concerned with less data. As for your mail address being on our list: we took a decision in 2018, when the GDPR regs really took hold in the UK NOT to make everyone re-sign to our list. We know some people did that, it was the “safest” option. However the barrage of mails that came from organisations in May 2018 was itself quite intrusive. We use our mail list VERY occasionally & only with good cause, don't send “a mail just to say hello”. We believe people sign up to our list to be notified when we have an event planned & we send typically 3 mails in the month or 2 preceding an event. That's if the event isn't sold out - if it is why bother people's mailboxes? As a consequence we've not used our mail list since May 2017 (at time of writing in March 2021). Next time we do there will be a message at the top saying this is the first time since GDPR we've mailed, we absolutely only want people who want our mails to receive them (& as a consequence are giving us leave to hold their mail address with Mailchimp). We especially feel this is OK as we've been doing just that in mails long before GDPR (e.g. this from 2005 “We do our best to keep an e-mail list of people who are interested in our events and don't want to send spam to anyone - we'd much rather keep word of our events to friends. If this isn't the case with you please mail us and we'll remove you immediately.”).
Since placing our e-mail list with Mailchimp in 2011 we've not added to it ourselves, people specifically sign up. It's just possible there are addresses on there from the wild west days of the early naughties, when someone would send out a huge list of “Manchester club cognoscenti” & people would just copy & use it. But that was a long time ago, we acknowledged these practices had happened in the past, but weren't good enough & wouldn't happen any more in a mail to the list in 2004. We've included notices asking for anyone not interested to unsub since those days & operated on the basis that you need to specifically request to be on our list for decade. We're confident we're in a good place on this.
Ticket agents: Eventbrite are quoted above, we've used them since 2015, prior to that we used Resident Advisor (& may return to them as we like their cleaner interface, but Eventbrite's fees to you are/were slightly less, this shifts around & we keep it under review), what we say about Eventbrite applies equally to RA or whoever we use in future. They collect some of your personal details, some are required by your card holder so they can confirm identity or are part of the card itself. We don't want anything collecting & don't access anything beyond your name, e-mail address & mobile. Of those we want the mail & mobile in case we need to contact you regarding the event. We'd only use mobile in an urgent case (e.g. cancellation at short notice) & have never had to do so. We've sometimes used the e-mail address to update people who've bought ticket on details of an event in case they haven't seen this info online. We want your name & often ask for the names of anyone you've bought tickets on behalf of, as that may be how we control the door at the event, it depends on the door & the preference of who's working it, it might not be practical or they might not want to use the other option of scanning QR codes. We don't retain any record of these 3 pieces of info beyond them still being available to us via the platform if we chose to look it up. Writing this prompts us to investigate having Eventbrite delete the data, we can't see why they or we need it once (e.g.) a year has passed since an event.
A final note on cookies & data - we think it's apparent from these “hand written notes” (rather than some copy & paste job) that we care a lot about these things & take our obligations seriously. We hope the casual language & openness helps to understand what we're saying & doesn't undermine it. In some places we go above & beyond, in other places we are taking what we think is a sensible line in grey areas (or areas we see big companies flouting on a regular basis without any consequence) & don't believe that as a tiny not-for-profit organisation we'd get slapped with a big fine if we ended up in court - we believe the court would be moderate in penalty, even if it decided we'd overstepped letter of regulation.
We're proud of our compliance with what we feel is good EU data regulation. We do not want our lives made easier in these areas by the UK government adopting poor US style regulation, which does less to protect the citizen.
Copyright The 2 areas we think we need to cover are any images & music we use.
The DJ mixes you can access from the site are hosted on Mixcloud, who undertake to pay the copyright holder the appropriate fee for use of their work. We hope this happens: “mixtapes” (which never did this) were part of house music culture since the beginning & we'd say that (done on a small scale) the argument that what they did to promote a small artist made up for any loss of income holds water. But it's better still if the artist is both promoted & paid & that's the principle here. However the reality is Mixcloud & platforms like it may not actually pay the artist, as the artist hasn't registered their work with their area PRS. If you make music get it protected & get paid - even f it's only a small amount.
Photographs of our events used by us are generally taken by us - one of us is a professional photographer - or by friends who have given us permission to use their photos. The place we use other people's work & haven't asked permission is in the use of the covers from pulp science fiction magazines of the 1950s, which may feature on this site, on Facebook, e-mails, posters & ticketing platforms. We use these without asking as we believe copyright has expired. This is difficult to ascertain with certainty as different countries have different laws & laws are complex, with different mediums subject to different periods of protection. Generally these magazines are US magazines & had copyright protection which may have expired in the early-mid 2000s (just as we started to use them), may have had an extension of 20 years which was implemented in 1998 & finished in 2018 or may still be protected as far as 2047 - in which case we are in breach. If this latter is the case we hope to receive a “cease & desist” notice, which is the common US practice & we certainly will.
In this, as in everything above, we hope our status as a tiny, not-for-profit organisation, hosting free events - or where we have to get some cash in, to cover expenses, supporting charity - will mean we're looked favourably on if we've accidentally crossed a line.