Cookies & Privacy Policy

Privacy & Cookies Policy 

1.Introduction 

1.1We are committed to safeguarding the privacy of our users.  In this policy, we explain how we will treat your personal information (whether it is collected online, via phone, email, post, or in any other correspondence, or from a third party). 

1.2We will keep your data private and will only use it for the purposes set out in this policy and in accordance with all applicable laws concerning the protection of personal information. 

1.3By using our website and services and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy. 

1.4This Policy was last updated 03/01/2020.   

2.Credit 

2.1This document was created using a template from SEQ Legal (http://www.seqlegal.com). 

3.Collecting personal information 

3.1We may collect, store and use the following kinds of personal information:  

(a)Information you give us: for example, when you make a donation to us or sign-up to our mailing list you provide us with personal information such as your name, email address and contact details. 

(b)Information we get from your use of our website and our servicesWe collect information about the services you use and how you use them, like when you comment on our social media feedsor open an email from us or use the website contact form (including the communication content and metadata associated with the communication) 

(c)     Information from third partiesWe may also receive information about you from third parties you have provided information to such as our project partnersIt could also be from other service providers that collect your datafor example, using Google Analytics we can confirm your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths and this information may be used to improve the services we offer to you. 

3.2Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy. 

3.3If you are under 18, you are unable under law to provide consent that allows us to contact you. You need a parent or guardian to provide this consent for you. Some of our educational events involve young people and we may need to collect their data so that we can contact them about a project that they are involved with. If we collect this data, we will also collect parental consent to store and use these details for the purpose of engaging the young person in the project.   

4.Using personal information 

4.1We may use your personal information to:  

(a)send you email correspondence that you have specifically requested; 

(b)send you our email newsletter, if you have requested it; 

(c)send you other marketing communications relating to our business which we think may be of interest to you by email; 

(d)ask you for support by email or post for our charitable work, such as a donation towards a crowd-funding campaign or another fundraising activity;  

(e)deal with enquiries and complaints made by you; 

(f)keep our website secure and prevent fraud; and 

(g)verify compliance with the terms and conditions governing the use of our website (including monitoring private messages sent through our website private messaging service). 

4.2You can opt-out of receiving information from us at any time by clicking on the “unsubscribe” link at the bottom of emails from us or contacting us directly using the details in section 15 below.   

4.3In certain instances, we collect and use your personal information by relying on the legitimate interest legal basis. This means that we may contact you because we have a legitimate organisational interest to use your personal information to respond to you about an interest you have shown in the activities we deliver and there is no overriding prejudice to you by using your personal information for this purpose. In most instances, however, we will rely on obtaining your proactive consent to our use of your personal information. 

4.4All our website financial transactions are handled through our payment services provider, Paypal. You can review the provider’s privacy policy at https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full. We will share information with our payment services provider only to the extent necessary for the purposes of processing payments/donations you make via our website, refunding such payments, thanking you for payments/donations, and dealing with complaints and queries relating to such payments and refunds. 

5.Disclosing personal information 

5.1We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy. 

5.2We may disclose your personal information:  

(a)to third parties who provide a service to us and are data processors such as ticketing system providers. Any third party must comply with our data protection policies and relevant data protection laws and make sure that appropriate controls are in place. 

(b)to the extent that we are required to do so by law; 

(c)in connection with any ongoing or prospective legal proceedings; 

(d)in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); 

(e)to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and 

(f)to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information. 

5.3Except as provided in this policy, we will not provide your personal information to third parties. 

6.International data transfers 

6.1Information that we collect may be stored and processed in and transferred between any of the countries in which we operate or have data servers in order to enable us to use the information in accordance with this policy. 

6.2Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: the United States of America, Russia, Japan, China and India. 

6.3You expressly agree to the transfers of personal information described in this Section 6. 

7.Retaining personal information 

7.1This Section 7 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information. 

7.2Personal information that we retain and process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.   

7.3If we receive any indication that your details may be out of date (for example, your email addresses bounces or you do not open an email from us for 2 years or more) then your details will be deleted.    

7.4Notwithstanding the other provisions of this Section 7, we will retain documents (including electronic documents) containing personal data:  

(a)to the extent that we are required to do so by law; 

(b)if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and 

(c)in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk). 

8.Security of personal information 

8.1We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. 

8.2We will store all the personal information you provide on secure cloud-based systems or servers. 

8.3All electronic financial transactions entered into through our website will be protected by encryption technology. 

8.4You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. 

9.Amendments 

9.1We may update this policy from time to time by publishing a new version on our website. 

9.2You should check this page occasionally to ensure you are happy with any changes to this policy. 

9.3We may notify you of changes to this policy by email. 

10.Your rights 

10.1You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:  

(a)the payment of a fee (currently fixed at GBP 10); and 

(b)the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address). 

10.2We may withhold personal information that you request to the extent permitted by law. 

10.3You may instruct us at any time not to process your personal information for marketing or fundraising purposes. 

11.Third party websites 

11.1Our website includes hyperlinks to, and details of, third party websites. 

11.2We have no control over, and are not responsible for, the privacy policies and practices of third parties. 

12.Updating information 

12.1Please let us know if the personal information that we hold about you needs to be corrected or updated or if you wish to update your communication preferences.   

13.Cookies 

13.1Our website uses cookies. 

13.2A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. 

13.3Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. 

13.4Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. 

13.5We use both session and persistent cookies on our website. 

13.6The names of the cookies that we use on our website, and the purposes for which they are used, are set out below: 

(a)we use: 

hjIncludedInSample (hotjar user analytics) 

wfvt_358341616 (geographic session cookies) 

wordfence_verifiedHuman (security cookie) 

DYNSRV (for load balancing to manage server traffic demand) 

13.7If you have any concerns about cookies, or want to remove cookies from your computer, please visit All About Cookieshttps://www.allaboutcookies.org/ which explains how to do this.  

14.Data Protection Registration 

14.1Our data protection policy complies with the Data Protection Principles outlined by the Information Commissioner’s Office. 

15.Our details 

15.1This website is owned and operated by Bedford Creative Arts.   

15.2We are registered in England and Wales under registration number 5305188, and our registered office is at 104 Midland Road, Bedford, MK40 1QE. 

15.3Our principal place of business is at 104 Midland Road, Bedford, MK40 1QE. 

15.4You can contact us: 

(a)by post, using the postal address given above; 

(b)http://bedfordcreativearts.org.uk/contact-us/; 

(c)by telephone on 01234 818670; or 

         (d)by email using info@bedfordcreativearts.org.uk