TheatreIntelligence

TheatreIntelligence

Features
Pricing
About
Contact
Launching 2026 ยท Early Access Open
Request Demo

No credit card required

Legal

GDPR Compliance

Last updated: March 1, 2026

Theatre Intelligence, Inc. is committed to complying with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the UK GDPR as it applies to our customers and their end users located in the European Economic Area and the United Kingdom. This page sets out how we fulfil our obligations as a data processor and, in certain contexts, as a data controller under the GDPR. See also our Privacy Policy, Cookie Policy, Security page, and contact our DPO.

1. Our Commitment

We take data protection seriously. Privacy and security are foundational to how we design and operate the Theatre Intelligence platform. We have implemented technical and organisational measures aligned with the requirements of the GDPR and follow a data protection by design and by default approach when building new features and handling personal data.

Our compliance programme is overseen by a designated Data Protection Officer (DPO) and reviewed on an ongoing basis to reflect changes in regulation, guidance from supervisory authorities, and developments in best practice. We conduct regular data protection impact assessments (DPIAs) for high-risk processing activities.

2. Data Controller

Theatre Intelligence, Inc. acts as the data controller for personal data we collect directly from visitors to our website and from our customers when they create accounts, subscribe to the Services, or interact with our sales and support teams. As a data controller, we determine the purposes and means of processing this personal data.

When our customers use the Theatre Intelligence platform to monitor their venue equipment and the personal data of their own employees or end users is processed through the platform, we act as a data processor on behalf of our customers. In this capacity, we process personal data only on documented instructions from the customer and in accordance with our Data Processing Agreement.

3. Lawful Basis for Processing

We identify and document a lawful basis for each category of personal data we process. The primary lawful bases we rely upon are:

  • Contract: Processing necessary for the performance of our subscription agreement with you, including account management, service delivery, and billing.
  • Legitimate Interests: Processing for fraud prevention, security monitoring, product improvement, and direct marketing to existing customers, where these interests are not overridden by your rights.
  • Legal Obligation: Processing necessary to comply with applicable laws, including tax, accounting, and regulatory requirements.
  • Consent: For optional marketing communications and non-essential cookies, where we rely on your freely given, specific, informed, and unambiguous consent.

4. Your Rights Under GDPR

If you are located in the EEA or UK, you have the following rights regarding your personal data. To exercise any of these rights, please submit a request to our DPO at [email protected]. We will respond within one month of receipt of your request.

Right of Access

You have the right to obtain confirmation of whether we process personal data about you and, if so, to receive a copy of that data along with supplementary information about how it is used.

Right to Rectification

You have the right to request that we correct inaccurate personal data concerning you or complete incomplete personal data, taking into account the purposes of the processing.

Right to Erasure

Also known as the 'right to be forgotten,' you may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and no other legal basis exists.

Right to Data Portability

Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interests as our lawful basis. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.

Right to Restrict Processing

You may request restriction of processing in certain circumstances, such as while we verify the accuracy of your data or consider an objection you have raised.

You also have the right to lodge a complaint with your local supervisory authority at any time. For EEA residents, your lead supervisory authority may be determined by your country of habitual residence. For UK residents, the relevant authority is the Information Commissioner's Office (ICO).

5. Data Transfers

Theatre Intelligence is headquartered in the United States. When we transfer personal data from the EEA or UK to the United States or other third countries, we ensure that appropriate safeguards are in place in accordance with the GDPR.

We rely on Standard Contractual Clauses (SCCs) as approved by the European Commission for transfers from the EEA, and the International Data Transfer Agreement (IDTA) for transfers from the UK. Where we transfer data to sub-processors, we require equivalent protections through back-to-back contractual commitments. A full list of our sub-processors is available upon request.

6. Data Processing Agreement

Customers who are subject to the GDPR may require a Data Processing Agreement (DPA) to be in place before using our Services. Our standard DPA is incorporated by reference into our Terms of Service for all customers and covers our obligations as a data processor under Article 28 of the GDPR.

Enterprise customers who require a customised or countersigned DPA may request one by contacting their account manager or emailing [email protected]. We will process such requests within five business days. A copy of our standard DPA is available for download in your account settings.

7. Contact Our DPO

Our Data Protection Officer is the primary point of contact for all GDPR-related enquiries, data subject rights requests, and supervisory authority correspondence.

Data Protection Officer

Theatre Intelligence, Inc.

[email protected]

EU/EEA residents may also contact our EU representative at [email protected].