Telling Tales is fully compliant with the GDPR. We only collect information from our customers which is necessary to facilitate the booking of our performances, classes and holiday workshops and for the safety of our young people. We do not share any data we hold with third parties and will only send you information related to the following:


Telling Tales Drama Privacy Policy

This privacy policy describes how Telling Tales (‘we’ and ‘us’) collect, retain, use and store your information when you (whether you are a person or a business) interact with Telling Tales via our website, social media and mailing lists, or visit us for sessions and workshop.

Our website
We collect very little information from the viewers’ visits to our website. Absolutely no personal information is collected from our visitors. The website statistics gathered by our web hosting company records server requests only, e.g. the IP address and date of visit. This is similar to every other server on the web.

Client Data
Our client data is stored via a secure third-party cloud software application whose privacy policy is available upon request. Data we collect from you for the purposes of booking our classes and holiday workshops:

  • Your children’s names and dates of birth
  • Address
  • Telephone numbers (normally mobile)
  • Email addresses
  • Medical history for your children (if applicable)
  • Image Consent 

Our mailing lists
Our mailing lists are stored via secure third-party cloud email clients whose privacy policies are available upon request. Data stored in these applications contains the following information only:

  • First name
  • Last name
  • Email address

We keep the number of communications we send to a minimum, and will only send you information related to the following:

  • Sessions and workshops 
  • Booking confirmations and details
  • Telling Tales Newsletters
  • Offers and promotions

Data relating to children
We will not collect data relating to children without the express permission of a parent or legal guardian. In practice, we only collect and retain the following information relating to children:

  • Childs name
  • Date of birth
  • Medical history (if appropriate)



These are used in either:

1)    An emergency situation where we need to contact parents as soon as possible.

2)    To reply to text messages we have received

This is not our primary means of communication and will not be used for marketing purposes.





· Facebook (Telling Tales Open Page) – often features offers, relevant news and images/clips from Telling Tales activities – anyone can like/follow the page to stay up-to-date.

· Facebook (Telling Tales Official Closed Group) – this is for Telling Tales students and families (and alumni) only. This also contains some images/clips, exclusive offers – much like the open page but also has ‘housekeeping’ information and messages for members only. You need to request to be added to this.

· Twitter/Instagram  - Telling Tales - often features offers, relevant news and images/clips from Telling Tales activities – anyone can like/follow these to stay up-to-date.


Our lawful basis for processing your data
When you become a member you complete our registration forms giving us permission to store your details in our booking software and mailing lists.

For existing customers who are attending classes and courses, we store, retain and use your data in order to provide the services agreed in our terms and conditions.

For new customers, our systems require a positive opt-in (e.g. completing the registration form, signing up to our app and social media pages) before we can send you communications. We will explain this process with you during your initial registration.

For lapsed customers, we may from time to time, send you communications about our products and services which we believe you have a legitimate interest in receiving. You can opt-out of these communications at any time.

Protecting your data
Your data is stored via a small number of third-party cloud software applications with whom we have individual contracts and service level agreements. Each provider has their own security and privacy policy, copies of which are available upon request by contacting the Centre. Any internal data we hold is stored either on our own hardware or via cloud storage. All our internal systems are password protected and user access is restricted.

Data retention
We do not hold your data any longer than is necessary to provide you with our services or to comply with applicable law. We would expect to retain, store and use your data for the lifespan of your child’s journey with us, or for the duration of sessions and workshops they attend. Whilst we do not place a specific timeframe on the retention of our personal data, we periodically review our records and remove, edit, archive or delete data we deem surplus to requirements. Telling Tales is also required, by law, to retain financial information relating to its business practices for up to 7 years.

Your rights
In accordance with the GDPR you have the following rights:

  • to be provided with access to your personal data held by us;
  • to request the rectification or erasure of your personal data held by us;
  • to object to the collection of your data and request that we cease processing your data;
  • to request that we restrict the processing of your personal data while we investigate your concerns with this information;
  • to object to solely automated processing; and
  • to request that your data be transferred to a third party (data portability).

We will not use any personal information obtained via our website, our booking software or mailing lists for any purpose other than that stated when the information is gathered. We adhere to the terms of the GDPR and take the security and value of any information you supply us very seriously. We will not share your information with any third party unless required to do so by legal requirement.