Privacy Policy

GDPR

What is GDPR?

GDPR stands for “The General Data Protection Regulation” and is a privacy law from the European Union which applies from May 25, 2018.

What activities are covered by the GDPR?

The GDPR applies to the processing of personal data.
Processing is a fancy word for, “doing anything with data”.
This only applies to personal data which is anything that is associated with, or related to, someone who is identified or who can be identified.
Identified includes: names, email addresses, physical addresses, and most people agree it includes IP addresses and other info collected automatically.
Also includes any type of processing and information collected automatically, through an opt-in or any other collection method. (ex: surveys, quizzes, etc.), or through tagging or segmenting in a CRM database.

6 principles of the GDPR

#1: Data shall be processed “lawfully, fairly, and in a transparent manner.”

We have to be upfront about what we are collecting the data for.

#2: Data shall be “collected for specified, explicit and legitimate purposes.”

We can’t collect data without explaining how we are using it, and those purposes have to be legitimate.

#3: Data processing shall be “limited to what is necessary” for the purpose.

We may only collect the minimum amount of data for the purpose we are collecting it for. Once we have collected the necessary data, we can only use it for its intended purpose.

#4: Data shall be accurate, kept up to date, and corrected.

Doesn’t really apply to us. This is more for the Google and Facebooks of the world.

#5: Data shall be kept so it identifies a person “no longer than is necessary.”

We should not keep data about people forever if there is no reason to keep it.

#6: Data shall be “processed in a manner that ensures appropriate security.”

We have to take reasonable steps to protect the data.

Widgets

We use Google Analytics to track social shares made at our website. Google automatically collect and store certain information in their server logs which includes device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL, cookies that may uniquely identify your browser or your Google Account, in accordance with their data privacy policy: https://policies.google.com/privacy

We embed a Facebook widget to allow you to see number of likes/shares/recommends and “like/share/recommend” our webpages. This widget may collect your IP address, your web browser User Agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the widget, including correlating your Facebook account with whatever action you take within the widget (such as “liking/sharing/recommending” our webpage), if you are logged in to Facebook. For more information about how this data may be used, please see Facebook’s data privacy policy: https://www.facebook.com/about/privacy/update

We use a Twitter Tweet widget at our website. As a result, our website makes requests to Twitter’s servers for you to be able to tweet our webpages using your Twitter account. These requests make your IP address visible to Twitter, who may use it in accordance with their data privacy policy: https://twitter.com/en/privacy#update

We use Pinterest Save widget at our website to allow you to pin images to Pinterest from our webpages. These requests may track your IP address in accordance with their data privacy policy: https://policy.pinterest.com/en/privacy-policy

Why Do We Collect Your Information

As a client we want to be able to keep in touch with you which is why we collect your phone number and email address. This information will only be used so we can keep in touch with you about your event or events in your venue if this applies. We may also send very limited email offers, reminders, and keep in touch so we can retain your custom.

We have to keep records for tax purposes for a number of years after your booking. Your data will not be kept beyond this obligation

Your data is secure and accessible by only myself. We do not keep any hard copies of your data beyond each booking being completed.

What Information Do We Keep

We keep your personal information, for example your name , address, email address, telephone number and any details about your event. We may have some images taken at your event which may be used on our website or social media.

What Are Your Rights?

The GDPR includes the following rights for individuals:

  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to erasure
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • the right not to be subject to automated decision-making including profiling.

If you would like to know what data we hold on you we are happy to oblige. Simply make a Subject Access Request (SAR) by email.

Data Protection Officer I, Deryck Obray, am the named Data Protection Officer for Riggers Gallery. My contact details are available at the foot of our Contact Us page. We, at Riggers Gallery, take your privacy seriously and fully comply with GDPR laws. We WILL NOT use any information you provide for any other purpose than for the preparation and completion of your event or to satisfy contractual, legal or tax obligations. Your details WILL NOT be sold or shared with any third party. For more information on GDPR please visit the GDPR website.

Spread the love