This privacy notice and page was last updated in May 2026.

These updates included:

• Changes to the structure of the notice to make it clearer to readers and customers
• Changes to reflect the introduction of our use of ‘soft opt-in’, under the basis of legitimate interest, for marketing to customers
• General updates and amends.

You can read the full policy below and it includes information about how to contact us if you have any questions about how we use your data.

---

Who are we?

Shakespeare’s Globe, otherwise known as “The Globe,” is a world-renowned theatre, education centre and cultural landmark located on the bank of the River Thames in London. The Globe is a ‘Controller’ of personal data.

The Globe must process personal data (this may at times also include special category data) so that it can provide our services. This includes a wide variety of activities such as booking a ticket to a performance or tour at our site.

The Globe will process your personal information in accordance with all applicable laws, including the EU General Data Protection Regulation (EU GDPR), UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), the Privacy and Electronic Communication Regulations (PECR 2003), and any other applicable laws.

What is personal data?

The term “Personal Data” means any information relating to you that identifies you, or through which you can be identified, directly or indirectly. In particular, by reference to an identifier such as a name, an identification number, location data, or an online identifier or to one or more factors specific to you physical, physiological, genetic, mental, economic, cultural or social identity.

We may at times need to process special category data. This data is regarded as being more sensitive and requires us to place additional protection upon it. Special category data includes:

• personal data revealing racial or ethnic origin;
• personal data revealing political opinions;
• personal data revealing religious or philosophical beliefs;
• personal data revealing trade union membership;
• genetic data;
• biometric data (where used for identification purposes);
• data concerning health;
• data concerning a person’s sex life; and
• data concerning a person’s sexual orientation.

What is the purpose of this Privacy Notice?

The purpose of this Privacy Notice is to let you know how we process your personal data when you engage with us. This Privacy Notice therefore explains what personal data we collect from you and how we collect, use, store, and disclose it. This Privacy Notice also contains information about your rights under applicable data protection legislation.

We are committed to compliance with data protection laws. We believe that ensuring data protection compliance is the foundation of trust.

It is important that you read this Privacy Notice together with any other Privacy Notice we provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements the other notices and is not intended to override them.

We collect personal data from you when you use our website and services…

… and we need your permission before we can continue to provide you with our services.

To give us permission to collect and use your personal data you must be at least 16 years old if you live in the EU, 12 in Scotland, or 13 in England, Wales, and Northern Ireland, or you have permission from your parent or legal guardian. If you do not understand this section, please do not continue before you have asked your parent or legal guardian for help.

What data we collect and why

We may collect and store a variety of data from you, depending on how you use our services.

For example, we collect and store the information you give us when you:

• buy a ticket for a performance, a public event (such as a talk) or a guided tour;
• book a workshop, course or training session;
• donate, or purchase a membership;
• buy a product at our online shop
• buy a Video on Demand title or subscription via Globe Player;
• register for an account on Teach Shakespeare
• subscribe to receive e-communications;
• visit our websites;
• when you sign up to a survey, competition, or prize draw; and
• during meetings with members of staff.

The information that we collect may include your name, email and postal address, telephone number, your credit or debit card number, bank account information, website usage and other personal data, including special category data.

We also record the way you use our websites (including our teaching resources site), apps, and social media channels, and we use this data to learn, for example, how many people visit our pages, and what they are trying to find. To find out more about how this works, please read our cookie policy.

We may also use third party platforms or websites to collect data about you or receive data you have provided to third party platforms or website, with your consent; this could include entering a competition, signing up for newsletters or if you fill in a form to request more information or a free product. When we do this, you will be made aware of the intended use via the platform, your data will be securely transferred to our own systems in a reasonable time, and after which it will be treated in accordance with this Privacy Notice.

We use your data to provide you with our services but also to promote, analyse and improve our services. For example, we use your data to send you booking information and help with any questions you may have, collect your payments, and to make your experience more enjoyable when you visit us in person or online. If you have opted-in to receive marketing communications from us, then we may use personal data such as your purchase history, location, website usage, as well as the preferences you selected when you created your account, to promote and tell you about related products and services that we think you might be interested in. We may also use your personal information (including, but not limited to, email address, website usage, or postcode) to provide targeted advertising that is more relevant to you on social media platforms, websites owned by other companies, other digital channels and personalised emails.

When you submit your data as a part of a survey, we may use this data as a part of test data to gauge how individuals felt about certain experiences, or to decide how to market effectively.

Some data will be used for archival/historic research purposes. Information may be preserved for long-term public value, providing evidence of past actions, and enabling future research. Primarily, this is to support academic and creative work, and to retain and understanding of the Charities history.

When you come and visit us, we will also collect images of you via our CCTV systems. For further information on this, please refer to the ‘Our use of CCTV’ section below.

We will only use your personal data for the purpose we collected it and in accordance with the law. We will not use your personal data for any other purpose without your prior consent. The only exception to this is if it is required or permitted by law, such as where it is necessary for the prevention, investigation, detection or prosecution of criminal offences or the enforcement of civil law matters.

Our use of CCTV

The Globe has CCTV cameras operating at various locations, including the main Globe site, Swan areas, and the Education and Rehearsal building. At these locations, Fixed Closed-Circuit Television (CCTV) camera systems are in operation.

The appropriate surveillance camera signs will be in place highlighting where CCTV cameras are in operation.

The Globe uses surveillance cameras for the following purposes:

• To prevent and detect crime.
• To protect staff, visitors, and property
• To act as a deterrent, and protect buildings and assets from damage, disruption, and vandalism.
• To facilitate the identification, apprehension, and prosecution of offenders in relation to crime and public order
• To provide footage to law enforcement agencies if required
• Providing footage to the local authority if required
• To reduce the fear of crime and create a safer environment for employees and the public.
• To assist in the effective resolution of disputes which arise in the course of legal and insurance claims.

All processing of personal data via CCTV complies with the UK GDPR, and the Surveillance Camera Code of Practice. Our legal basis for processing these images is Legitimate Interests (UK GDPR Article 6(1)(f).

Our legal bases for processing your data

The UK and EU GDPR, (our global standard of compliance) requires that a Controller must have a legal basis for processing Personal Data. Our legal bases for processing your personal information are:

• Your consent. We will obtain you consent by collecting this directly from you, and you are able to withdraw your consent at any time. You can do this by contacting us by emailing [email protected].
• We have a contractual obligation.
• We have a legal obligation.
• We have a vital interest.
• We have a legitimate interest.

In some cases, we may process special category data. This is afforded some extra protection due to its sensitive nature, and therefore, under UK and EU GDPR we are required to provide a lawful basis for processing, and a secondary condition under Article 9. More details can be found within our Record of Processing Activities, but the conditions we may rely on are:

• Explicit consent
• Employment, social security and social protection (if authorised by law)
• Vital interests
• Made public by the data subject
• Legal claims or judicial acts
• Archiving, research and statistics (with a basis in law).

Who else has access to your data?

In order to provide you with our services, we employ the services of other organisations who process your data on our behalf. We call these organisations ‘Service Providers’, and they help us with things like processing payments, website hosting, data analysis, customer service, and email and digital marketing.

We also use Service Providers to carry out marketing and promotional activities on our behalf. This may involve your data being processed using third party applications or software. Our service providers include, but are not limited to:

Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: http://sopro.io. Sopro are registered with the ICO Reg: ZA346877 and their Data Protection Officer can be emailed at: [email protected].

We ensure all our Service Providers sign contractual arrangements to ensure they meet our standards for data security, and the standards required under data protection law. Your data will never be sold or rented to other parties, and we don’t allow our Service Providers to use your data for any purposes other than those described in this privacy notice.

At times, we may ask you for permission to share some of your data, such as your name and email address, with our co-production partners, associate companies and visiting artists to help them in developing their audiences. We will ask you if you wish to opt-in for your data to be shared with them when you buy a ticket for one of their performances. If you have opted-in, then our partners may contact you until you opt-out. You will be able to unsubscribe from their communications directly by following the instructions provided in their messages.

Apart from our Service Providers, we may also use and share your data with other organisations as we believe necessary to comply with the law, to protect you, ourselves and others, to respond to requests from public and government authorities (which may include authorities outside your country of residence), or in the event of any reorganisation, sale, bankruptcy or other similar situations.

How long will we keep your personal data for?

We will only keep your Personal Data for as long as is necessary to fulfil the purposes we collected it for, which may include satisfying any legal, accounting, or reporting requirements. The retention period depends on the type of personal data and the reason we are processing it. Further details of retention periods can be obtained by contacting us by emailing [email protected]. As some examples:

• We must keep some personal data to ensure that we can meet our reporting obligations to HMRC. In such instances, we will retain personal data from the date of the transaction.
• CCTV Images – CCTV images are stored for 30 days.

When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention periods. Using these criteria, we regularly review the personal data which we hold and the purposes for which it is held and processed.

When we determine that Personal Data can no longer be retained (or where we must comply you request us to delete your data in accordance with your right to do so) we ensure that this data is securely deleted or destroyed.

Your rights

You have rights under the data protection legislation and, subject to certain legal exemptions, we must comply when you inform us that you wish to exercise these rights. There is no charge, unless your requests are manifestly unfounded or excessive. In such circumstances, we may make a reasonable charge or decline to act on your request. Before we action your request, we may ask you for proof of your identity. Once in receipt of this, we will process the request without undue delay and within one calendar month. In order to exercise your rights please contact [email protected].

You can contact us if you wish to complain about how we collect, store and use your Personal Data. It is our goal to provide the best possible remedy to your complaints.

However, if you are not satisfied with our answer, you can also contact the relevant competent supervisory authority. In the UK, the relevant supervisory authority is the ICO, contact details of which can be found below.

Your rights in connection with personal information are set out below:

Right to be informed – You have the right to be informed about how we use your data. We cover all of the important points in this privacy notice but if you have any questions, then don’t hesitate to email us.

Subject Access Request – You have a right to receive a copy of all the Personal Data we hold about you. We will charge £10 for repeat requests or enquiries which we deem to be unfounded or excessive.

Rectification – If any of the Personal Data we hold about you is incomplete or inaccurate; you have a right to have it corrected.

Erasure – This is also known as the “right to be forgotten”. You have a right to ask us to delete your Personal Data where there is no good reason for us continuing to process it. However, certain criteria apply and if we have a legitimate reason to continue processing your personal data, we will not be legally required to delete it. We may also retain anonymised data (for example, your booking history) for business purposes. This does not affect your right to erasure.

Objection – You have a right to object where we are relying on legitimate interests as our legal basis for processing your Personal Data but, in certain circumstances we may be able to continue with the processing. For example, if we have compelling legitimate grounds which override your interests, rights and freedoms or your personal information is needed for the establishment, exercise or defence of legal claims. However, you have an absolute right to object to us processing your Personal Data for direct marketing purposes.

Restriction – You have a right to ask us to restrict the processing of your Personal Data in certain circumstances. For example, you may require us to suspend processing information about you whilst checks are made to ensure it is accurate.

Portability – You have the right to ask us to transfer any Personal Data you have provided to us to another party, subject to certain criteria being satisfied. We will provide this Personal Data in a structured, commonly used and machine-readable format.

Right to withdraw consent – If you have given us your consent for the processing of your Personal Data, you can withdraw this at any time. Please note, the withdrawal has no effect on the legality of the data processing carried out in the past on the basis of your consent. To exercise your right to withdraw consent contact us at [email protected]. Please note, where you exercise this right, this will mean that we are no longer be able to offer you certain services such as online bookings and shopping, or access to our educational content or press materials. We may still send you important administrative messages needed to provide you with our services or in the event of changes, cancellations or other urgent situations which may inconvenience you if we were not to do so, this is to facilitate our contract with you and is not based upon your consent.

Where you have provided your consent for marketing purposes, you may also withdraw your consent in the preferences section of your online account with us whilst still receiving other communications from us, such as emails. If you no longer wish to be contacted for marketing purposes, simply manage your preferences in your online account or contact us by emailing [email protected].

Right to complain – If you are unhappy with the way in which your personal information has been or is being processed, you have the right to make a complaint to us. We must acknowledge this complaint within 30 days, and seek a resolution without undue delay. To exercise this right please contact [email protected].

You also have the right to complain to the Information Commissioner’s Office (ICO). They can be contacted at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
www.ico.org.uk

Please note: where personal data is being processed for purposes of archiving, your rights may be subject to exemptions or limitations. This is subject to appropriate safeguards being implemented, and exemptions/limitations are not automatic. These will be addressed on a case-by-case basis and will only be applied where complying with your request would seriously impair or render impossible the achievement of the archiving purpose. You will be informed of any such impact upon making your request.

Transferring your data to other countries

To provide our services, we may need to share your Personal Data with third parties, service providers, and suppliers outside the European Economic Area (the “EEA”)/your country of residence.  If we do this, we will ensure your Personal Data receives the same protection as if it were being processed inside the EEA. For example, our contracts with our suppliers stipulate the standards they must follow to process Personal Data.

Your data may be transferred to one or more of the following third countries:

• The United States of America

We currently implement the following safeguards to protect your personal data:

• Encrypting data when in transit.
• Implementing the UK Addendum to the EU Standard Contractual Clauses (SCCs), as approved by the European Commission.
• Implementing International Data Transfer Agreements.
• Completing Transfer Risk Assessments before any transfer takes place.

In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal data.

Marketing

With your consent we may contact you via email and/or phone to promote or inform you about our services. If you have provided consent, we may also contact you to promote services provided by third parties. Where we are legally required to obtain your consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.

Where we contact you for direct marketing purposes, we will comply with the requirements set out in the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

To start or stop receiving marketing information from us, simply manage your preferences in your online account or contact us by emailing [email protected].

Our use of soft-opt in

When engaging with the Globe as a company, we may instead rely on the use of soft-opt in to send you marketing materials, based on our legitimate interests. We can only do so in situations where we have an existing commercial relationship with you, such as where you have previously purchased a ticket to one of our events. In these cases, we can market similar goods, services, or events to you without your explicit consent.

When engaging with the Globe as a charity, we may also rely on soft-opt in for charitable purposes. For example, where you have donated to us, we may get in touch with you surrounding further opportunities to help further our mission, including providing information on our activities. We can only do this when the sole purpose of our direct marketing is to further a charitable purpose, and this is only applicable to our Charity.

You will be informed at the time we collect your data that such marketing will take place, and you will be given the opportunity to opt-out.

Use of Artificial Intelligence

Generally, before any AI use, data is anonymised, however, your data may be processed by AI Tools that we use. We use these to improve the efficiency, quality and speed of our processes, including those related to marketing. We do not use AI to make automated decisions, and there is always a human element to approve outputs generated from the use of any AI Tools.

To ensure the safety of your personal data when using these tools, the Globe ensures that relevant contractual arrangements are in place to ensure its safety, and your personal data will never be used as training data.

Security

In order to protect your Personal Data, we put in place appropriate organisational and technical security measures. These measures include ensuring our internal IT systems are suitably secure and implementing procedures to deal with any suspected data breach.

In the unlikely event of a data breach, we will take steps to mitigate any loss or destruction of data and, if required, will notify you and any applicable authority of such a breach.

Although we use appropriate security measures once we have received your Personal Data, you will appreciate that the transmission of data over the internet (including by email) is never completely secure. We endeavour to protect Personal Data, but we cannot guarantee the security of data transmitted to or by us. If you feel that the security of your account or interaction with us has been compromised, please contact us immediately.

The Shakespeare Globe Trust
A Limited company registered in England and Wales No. 1152238
And a registered charity No. 266916
Shakespeare Globe Trading Limited registered in England and Wales No. 997433