top of page

Privacy Policy

Unexpected Places Ltd/Little Lights

Unexpected Places/Little Lights is committed to protecting and respecting your privacy. This policy sets out what personal data we collect from you, or that you provide to us, and how it will be used. Please read it through carefully and if you have any queries contact


Where we collect information from

When you give data to us directly:

  • Sign up to take our courses

  • Sign up to our mailing list

  • Complete one of our surveys

  • Participate in one of our courses, sessions or events

  • Apply for a position, paid or voluntary

  • Contact us on through Facebook 

  • Contact us directly by telephone, electronically, post or in person with feedback about your experience

  • When you give your consent for filming and/or photography at one of our sessions or events


When you give data to us indirectly:

  • Interact with us or mention us on social media sites

What we collect and how it is used

Personal Data

Personal data includes your (and your child's) contact details, date of birth, address, email, phone number, emergency contact name and number and images of you (or your child(ren), where permission has been granted) taken at sessions or events. This enables us to conduct business with you and provide you with the best service for your needs, and to keep you informed about Little Lights & Unexpected Places. Your details are collected via online booking form and stored on our secure Google cloud.


We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.


Special Category Data

Special Category Data may be asked for in certain instances; this includes your bank details (if you set up a regular payment), ethnicity, gender identity, medical information and next of kin.

This information is available to a restricted number of staff for whom it is deemed necessary. It is used to process some transactions, in the case of an emergency, or aggregated and anonymised for monitoring and reporting as required by public funding bodies.

Children’s Data

We collect and store data for under 16s who participate in our classes, which includes Special Category Data. Our online booking form ensures that we obtain consent from the parent/carer of the child before collecting this data . This information is available to a restricted number of staff for whom it is deemed necessary. When the young person reaches 16, consent is sought from the individual.

Purposes of use

Administering purchases

You give us Personal Data, such as your name and contact details so we can administer purchases (tickets, subscriptions, memberships, merchandise and donations) made online, in person or over the telephone. If you choose to save the details of your card for future purchases on your account, these details are captured by Wave & Stripe our payment provider. All transactions are conducted in accordance with the Payment Card Industry Data Security Standard. If you have given us information about family members, individuals or organisations you are connected to, this may be stored against your record as a relationship.


Little Lights sessions

If you participate in Little Lights courses, sessions or events, we ask for additional Personal Data such as (for the participant) your age, and information about your next of kin. We also ask for medical information and emergency contact details; this is classed as Special Category Data. We do this to ensure that staff are aware of any specific needs of participants and so we can quickly contact relevant people in the case of an emergency.



Electronic and postal

For all parents/guardians who have signed up for Little Lights classes we use your details to keep you up to date about Little Lights course information, and for leaders to contact you regarding the sessions. If you would prefer us not to contact you via email please email, however this method of communication is essential to us keeping you in the loop.


You can elect to sign up to our mailing list. You can opt out of this at any time by emailing us at - or clicking unsubscribe from the e-news itself. We never send you information about anything outside of Unexpected Places/Little Lights.



Depending on your device’s privacy settings and those on other websites and apps you use, we may aggregate information you give us directly or indirectly to target advertising and social media posts. For example we may create a specific campaign to be shown on social media to people in the PO19 postcode area aged between 16 and 25, or an advert to target specific people who have visited a particular page on our website.

How a website tracks you depends on the privacy settings on the device you are using and any privacy settings you have set up with individual sites and apps.

Reporting and analysis

We use the data you give us directly and indirectly to report on our Little Lights attendance numbers, show & workshop attendance and to improve your experience. This reporting is created from aggregated data and is not attributable to individuals.

Our website

When you visit our website we may automatically collect technical information about your session including the Internet Protocol (IP) address that connects your device to the internet, the type of device you use, your browser, operating system, whether you made a purchase and from where you have arrived at our site. We do not link this information to anything that identifies individuals. This information enables us to analyse how the website is used, where improvements can be made and to report to funding and public bodies.



If you apply for a job, work experience or volunteer opportunity at Unexpected Places we collect Personal Data and Special Category Data as part of your application. Equal Opportunities information is requested separately and anonymously and cannot be tracked back to individual applicants.

How we keep your data safe and who has access

Unexpected Places/Little Lights staff have access to your data at differing levels. Our Little Lights leaders are able to see the information you have submitted on your booking form, but all other data is only visible to the Director, Producerm Marketing Manager and Youth Theatre Coordinator. We use a few different services who have access to your data, Google, Wix, Wave & Stripe (and occasionally Ticketsource). These organisations only hold the data for the reason contracted by Unexpected Places and do not sell, share or use your data for any other purpose

Paper files with Personal and Special Category Data are kept to a minimum and are stored securely when not in use.


Our company is hosted on the platform. provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall.


All direct payment gateways offered by and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.


If legally required we may disclose your information to the police, regulatory bodies or legal advisors. We will only share your data in other circumstances with your consent.

If there is a breach of data that is likely to have a detrimental effect on individuals (for example, result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage), Unexpected Places will notify the Information Commissioners Office within 72 hours of becoming aware of the breach. Any individuals affected will also be notified within this timeframe.

Keeping your information up to date

Please let us know when your details change so we can make sure that our information is current. Email

Your rights

If you wish to amend your data, ask us to stop using your Personal and Special Category Data for reasons other than processing your transaction, or erase your Personal and/or Special Category Data please contact us at

You have a right to ask for a copy of the information we hold about you. To request this please send an email to We do not make a charge for this, but may charge a reasonable administrative fee if we deem the request to be unfounded or excessive. We endeavour to respond to requests within 30 days.

Changes to this Privacy Policy

We may make changes to this Privacy Policy from time to time. We will post any changes to this page and notify you of any material changes by e-mail if we have permission to do so.

bottom of page