This policy has been written in accordance with the UK Data Protection Act 1998 and the General Data Protection Regulation (GDPR) 2018.
We may change this policy from time to time and you should periodically reread it to ensure that you are happy with any changes.
What We Collect
We may collect the following information:
- Information you give us – you may give us information about you by filling in forms on our website or by corresponding with us by phone, email or otherwise. This includes information you provide when you join as a member, sign up to one of our activities, make an enquiry, complete a survey or apply to work for us and when you report a problem with our site. This information may include:
- Contact Information (email, phone, address)
- Language Details
- Date you became a member or contacted us
- Other information relevant to specific our projects
- Any other information you shared with us
- Information we collect about you – this is in regard to each of your visits to our site. We may automatically collect the following information through Google Analytics:
- Demographic information – including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page
If you work for us we have legal obligation to collect and keep certain data on file, this includes the following details:
- Your name
- Your address
- Your NI number
If you work for us we may also keep the following additional information on file:
- DBS number and its date of issue (we do not keep a copy of the certificate itself beyond 6 months)
- Information about training you’ve attended where it relates to our work – i.e. Child Protection training
- Your bank account details – these are held securely on our Co-operative Online Business Banking portal so we can easily pay you
- Details you provide on your invoice (these are kept for 7 years in locked storage as we must keep a copy of our accounts for this long)
If you have applied to work with us we may have the following data on file:
- Details of your qualifications, skills, experience and employment history
- References from previous work
Information on Children
The use of this website is not necessarily aimed at children (anybody under the age of 16) but we may collect their name and age for activities and events we run. We may from time to time ask for other personal information, such as a child’s medical history or DOB, however this is always asked to be disclosed by the parent and is part of a legal obligation for children to participate in certain activities without the attendance of a supervising adult.
If you are a child (under 16) and want to register with us for a competition or other activity / event, you must ask your parent or guardian for permission to register, confirm you have permission to register and provide an email address (if you are registering for a service through your computer) for the parent or guardian. We may contact a parent or guardian to verify they have given consent.
What We Do with the Information We Gather
Information you give us. We will use this information to:
- periodically send promotional emails about new initiatives, projects, activities or events or other information which we think you may find interesting
- provide you with information about our work
- process orders that you have submitted
- improve our programmes, services and activities
- internal record keeping
- process a job application
Information we collect about you. We will use this information to:
- administer our site and for data analysis
- improve our services
Links to Other Websites
Data Storage & Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We check that the services we use to store information comply with the GDPR. We keep your data on password protected computers and databases. Paper copies are kept locked in our office.
Your data is stored in one or all of the following places, depending in what manner you provided the details:
- On our online database (WordPress / Mailchimp)
- On a database on our IT system (including email)
- On paper
How Long Do We Keep Your Information For
If you provided your information for one of our activities or events we will keep your details for no more than three years. If you are signed up to one of our newsletters you can unsubscribe at any time.
If you are a member or have worked for us we will keep your details on file for up to three years after you have ceased being a member or ceased working for us.
If you applied to work with us but were unsuccessful we will keep your details for no more than one year.
If you wish your details to be removed before this then please contact us.
Sharing your data
We will never pass on your details to third parties except where you have given us your express permission. For example to other artists or to a school you may be working with. We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so.
You have the right to access your personal information, to object to the procession of your personal information, to rectify, to erase, to restrict and to port your personal information.
You may request information from us on what information we hold on you at any time free of charge. We will respond within 1 month.
Siân Walters – Arts Manager – firstname.lastname@example.org – 01691 648 929
How to make a complaint
If you are dissatisfied then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at by visiting – www.ico.org.uk