When a user of the Curtis website purchases tickets or makes a donation, we must have the information necessary to process the transaction: name, address, telephone number, e-mail address, and, when applicable, credit card number. For reasons of security, no credit card information is shared with any third parties or stored permanently on our Web server. Curtis partners with a PCI-compliant vendor called Blackbaud to process all credit card transactions; read more to learn about its PCI compliance policies. If a user registers at our site but does not make a request or purchase, this same information is collected, with the exception of credit card information.
In addition to being used to fulfill your requests and process your transactions, your name and contact information will be added to our database, and we may perform statistical analyses of user behavior to measure interest in the various areas of our site. Users may also always make ticket purchases or donations without logging in and creating a profile and user ID; these transactions are likewise protected and secure.
Curtis may release information if required to do so by law or in the good faith belief that it is necessary to comply with the law or legal process served on us or protect and defend our legitimate business interests, rights or property, or rights of our customers and patrons.
If you communicate with us by letter, e-mail, or phone or in person, it is possible that information about the communication may be collected into a file specific to you.