Encore Privacy Policy

1 Who we are

We’re Encore, a marketplace for booking live music acts.
We’ve always put the privacy of our musicians’ and customers’ data at the heart of everything we do. In particular, we never sell or trade personal data or email lists with third parties. We hope you’ll have seen already that we’re striving to do everything in your best interests, but just in case you’re not sure, this Privacy Policy goes into a bit more detail about why, how and when we collect personal information.
For queries, please use the contact details given at the end of this policy.

2 How we process data

Our business purpose is to provide a secure, accessible and easy-to-use online marketplace for connecting musicians with customers who can book them.
The personal information we collect as outlined in this document is collected on the legal basis of Legitimate Interests. “Legitimate Interests” means the interests of our company in conducting and managing our business, to enable us to give you the best service/products and the best and most secure experience. In other words, all of our data collection is done to support our purpose as a business, as described above. We only collect data which is necessary for this purpose. For each piece of personal information we collect, a Legitimate Interests Assessment has been carried out to ensure its collection supports our purpose and is weighed against your personal data rights.
For example, we have an interest in making sure our emails are relevant for you, so we may process your information to send you emails that are tailored to your interests.
It can also apply to processing that is in your interests as well.
For example, we may process your information to protect you against fraud when transacting on our website, and to ensure our websites and systems are secure.
When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests - we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
We process personal information for certain legitimate business purposes, which include some or all of the following:

• to enable you to access and use the website and/or mobile apps
• where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our customers
• to identify and prevent fraud
• to enhance the security of our network and information systems
• to better understand how people interact with our websites (this may include the use of third party tools such as Google Analytics)
• to provide email and text communications which are required or we think will be of interest to you (including service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you)
• to determine the effectiveness of promotional campaigns and advertising
• to administer rewards, surveys, sweepstakes, contests, or other promotional activities or events sponsored or managed by Encore or our business partners
• to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties

Whenever we process data for these purposes we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. If you have any concerns about the way we process data, you have the right to object to processing that is based on our legitimate interests. Please use the email address at the bottom of this page to contact our data protection officer. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.

3 What personal data do we collect?

We collect personal data under the following categories:

• Data you enter when filling in any form on the website - such as when you register or update the details of your user account
• Data relating to your access and use of the website - such as when you search for musicians, make or accept bookings, pay for bookings, book or pay for any associated services that may be available, post comments or reviews, or communicate with other users
• Data you consent to share with us from third parties - such as if you link your account on a social media site (e.g. Facebook) to your Encore account, in which case we will obtain the Personal Information that you have provided to the third party site, to the extent allowed by your settings with the third party site and authorised by you
• Data relating to your direct communications with Encore

Encore may collect the following information about you:

• your name, age/date of birth and gender;
• your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
• purchases and orders made by you;
• your online browsing activities on Encore websites;
• your password;
• your communication and marketing preferences;
• your interests, preferences, feedback and survey responses;
• your location;
• your correspondence and communications with Encore, and
• other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).

Our website is not intended for children and we do not knowingly collect data relating to children.
We do not collect payment details. If you enter payment details into Encore, these are sent directly to our payments provider Stripe, who store them securely, and you acknowledge and accept Stripe’s terms and policies at the point of purchase, as detailed on our payment checkout page.
This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you set up an account on our website, submit an enquiry, or send a message to our customer services team. Other personal data is collected indirectly, for example your browsing activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.

3.1 Referral and review services

The website provides various referral/review/invite services that allow you to invite your contacts to use the website or visit the website to complete a specific action (such as verifying a review).
We may integrate the website with third party sites such as Facebook, so that you can send invitation messages via the third party site itself. These messages will be sent by the third party site, and Encore does not collect or retain the contact information that is used to send them.
You may also send invitation/request emails via the website itself, in which case we will ask you for the email addresses to send these emails to. You can type in the email addresses manually, or you can request Encore to import the contacts in your email account address book(s). In both cases, we will use the information sent to us for the sole purpose of sending your contacts a one-time email, inviting them to visit the website and/or complete a short task. With respect to referrals, we will also store the email addresses of your invitees to track if your friend joins Encore in response to your referral.
We do not store customer email addresses submitted by musicians for review purposes.
If you request us to import your contacts, we will collect, but not store, the username and password for the email account you wish to import your contacts from. We will use this information only for the purpose of importing your contacts.

3.2 Mobile data

When you use certain features of the platform - in particular our mobile applications - we may receive, store and process different types of information about your location, including general information (e.g. IP address) and more specific information (e.g., GPS-based functionality on mobile devices used to access the platform or specific features of the platform). If you access the platform through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this. See your device manufacturer’s instructions for further details.

3.3 Website cookies

Cookies are small pieces of data stored in your browser when you visit our website. We may use cookies to facilitate the data collection described in this policy, and we may allow other business partners to use cookies and other tracking technology on our website. For example, Google Analytics may store a cookie in your browser when you visit our website, which will allow us to gather anonymised statistics about which of our pages are visited most frequently.

You can read more about Google's privacy policies in relation to cookies here.

There are two types of cookies used on the website, namely “persistent cookies” and “session cookies”. Session cookies will normally expire when you close your browser, while persistent cookies will remain on your device after you close your browser, and can be used again the next time you access the website.

We may, either directly or through third party companies and individuals we engage to provide services to us, also continue to track your behaviour on our own website and/or mobile apps for purposes of our own customer support, analytics, research, product development, fraud prevention, risk assessment, regulatory compliance, investigation, as well as to enable you to use and access the platform and pay for your activities on it. We may also, either directly or through third party companies and individuals we engage to provide services to us, track your behaviour on our own platform to market and advertise our services to you on the platform and third party websites.

Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser’s toolbar. If you choose to decline cookies, please note that you may not be able to sign in, customise, or use some of the interactive features of the website.

Third parties may not collect information about users’ online activities on the website except as described in this policy

3.4 Other technologies

The Platform may also use other technologies with similar functionality to cookies, such as web beacons and tracking URLs to obtain Log Data about users. We may also use web beacons and tracking URLs in our messages to you to determine whether you have opened a certain message (email or text) or accessed a certain link.

3.5 Analytics

When someone visits our website we use one or more third party services, including Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things like the number of visitors to different pages on our site, and their usage patterns within those pages. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google or other organisations to make, any attempt to find out the identities of those visiting our website.

3.6 Third party integrations

Our website or mobile apps may use social and other plugins which are provided and operated by third party companies, such as Facebook’s Like Button or Google’s Maps integration.
As a result of this, you may send to the third party company the information that you are viewing on a certain part of our platform. If you are not logged into your account with the third party company, then the third party may not know your identity. If you are logged into your account with the third party company, then the third party may be able to link information about your visit to our platform to your account with them. Similarly, your interactions with the social plugin may be recorded by the third party.
Please refer to the third party’s Privacy Policy to find out more about its data practices, such as what data is collected about you and how the third party uses such data.

4 When do we share or disclose personal data?

We will not transfer, store, use or process your information, including any Personal Information, to countries outside of the European Economic Area (“EEA”).
Your Personal Information may be disclosed as follows:

• As a musician, your public profile page will always include some minimum information such as your name, your public profile photo and public reviews and statistics related to your previous bookings. Parts of your public listing page may be displayed in other parts of the website to other users for marketing purposes. The website may also display your approximate geographic location on a map, such that a customer can see the general area of the services offered.
• As a musician, your public profile and results on public listing pages may be included in search engine indexes, in which case some details from your public profile may be published as search results. This option is enabled by default, and you may opt out of this feature by changing your settings on the website. If you change your settings or the information on your public profile, these search engines may not update their databases quickly or at all. We do not control the practices of third-party search engines, and they may use caches containing outdated information, including any information indexed by the search engine before you change your settings or the information on your public profile.
• When you submit a request to book a musician, your full name will become visible to the musician. In addition, if you request a call with the musician by phone and the musician accepts your request, we will share your phone number to enable them to make or accept a call. We may also share your phone number when a booking is confirmed in case the other party needs to contact
• When your request to book services is accepted or when you accept a request to book your services, we will disclose some of your Personal Information to the other party involved. However, your billing information will never be shared with another user.
• After a booking service has been completed, we will ask you to review the client or musician. If you choose to provide a review, your review may be public on the website.
• We may also publish, disclose and use Aggregated Information and non-personal information for industry analysis, demographic profiling, marketing and advertising, and other business purposes.

4.1 Business transfers

If Encore undertakes or is involved in any merger, acquisition, reorganization, sale of assets or bankruptcy or insolvency event, then we may sell, transfer or share some or all of our assets, including your Personal Information. In this event, we will notify you if your Personal Information becomes subject to a different Privacy Policy.

5 Mailing lists

If you register as a musician on our website, or create an enquiry as a customer looking for musicians, we will use your provided contact details to get in touch with any important information regarding your use of our product and websites. For example, we may send recommended musicians relevant to an enquiry to you via email, or send a text alert with important last-minute information for a booking you have made.
We’ll always send important service messages to you via email. Where our communication is primarily for marketing purposes, we’ll ask you to explicitly opt-in to receive these types of messages.

6 User communications

We may review, scan, or analyse your communications with other users exchanged via the website or mobile apps for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, or customer support purposes. For example, as part of our fraud prevention efforts, we may scan and analyse messages to mask contact information and references to other websites. This helps to prevent fraudulent actors from asking clients to send them money outside of Encore, such as by bank transfer or other money transfer methods. We may also scan, review or analyse messages for research and product development purposes to help make search, booking and user communications more efficient and effective, as well as to better understand the effectiveness of product offerings.
We will not review, scan, or analyse your communications for the purpose of sending third party marketing messages to you. We will also not sell these reviews or analyses of communications to third parties. We will also use automated methods to carry out these reviews or analyses where reasonably possible. However, from time to time the Encore team may manually review some communications. By using our services, you consent that Encore, in its sole discretion, may review, scan, analyse, and store your communications by the means and for the purposes described above.

7 Access to your personal information

You are entitled to view, amend, or delete the personal information that we hold. The majority of the data we hold can be viewed, amended or deleted by you using the tools on our website. For example, if you are a registered musician you may use your profile page to edit the details held and displayed about you or your act.
If you are unclear about the use of these tools or have a data request which cannot be completed online using our website, please email your request to [email protected].

8 Data security

We follow a number of best practices and make every effort to keep your data secure. We follow both technical and organisational measures to protect user data from unlawful loss, modification or access.
Examples of how we implement technical security safeguards include but are not limited to:

• Encryption of all passwords using an industry standard hashing and salting algorithm
• Always using secure HTTP with SSL (HTTPS) to serve pages on our website
• Mitigating the effects of possible DDoS or other attacks using a third party CDN (Content Distribution Network)

Unfortunately, no method of transmission over the internet, and no method of storing electronic information, can be 100% secure. So, we cannot guarantee the absolute security of your transmissions to us and of your personal information that we store.

9 Data breaches

In the unlikely event of a data security incident, we’ll notify all affected customers promptly and without delay. In most cases this notification will be sent via email. Where required to do so, we’ll also notify the Information Commissioner (ICO).
Our reporting of a data incident does not constitute acknowledgement of any fault or liability on our part. Where possible, we will notify customers of steps we are taking to mitigate the effects of an incident, and steps we are taking to prevent future incidents of a similar nature.

10 Changes to this Privacy Policy

This document was last reviewed on 24 September 2024.
We reserve the right to change this Privacy Policy at any time. Where material changes to the terms of the policy are made, we’ll notify all users via email and/or on-site notifications.
We’ll always update this policy if we make significant changes to the types of data we collect or the way it is processed.
It’s important that you review the changed Privacy Policy. If you do not wish to agree to the changed Privacy Policy, then we will not be able to continue providing the Platform to you, and your only option will be to stop accessing the website and/or mobile apps, and deactivate your Encore account.

11 Contact Information

For any queries related to your data, we can be contacted at:
[email protected]
Your opinion matters to us. If you have feedback on this Privacy Policy or any other aspects of our terms and conditions, please send us an email at:
[email protected]

ICO Registration reference: ZB752993