Art UK Website

Art UK is the operating name of the Public Catalogue Foundation, a charity registered in England and Wales (charity number: 1096185) with its registered office at Third Floor, Peek House, 20 Eastcheap, London EC3M 1EB.

The Art UK website at www.artuk.org (the Website) is operated by the Public Catalogue Foundation. The Public Catalogue Foundation is the data controller of personal data collected from you by this Website and related means, or otherwise provided by you to us.

The Public Catalogue Foundation (We, us, our) are committed to protecting and respecting your privacy. The Data Protection Act 1998, the General Data Protection Regulation, and other applicable national data privacy laws (together, Data Privacy Laws) place obligations on us in relation to the personal data that we collect and hold. This Privacy Policy (together with our Website Terms of Use) sets out how we comply with Data Privacy Laws, including detailing the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.artuk.org (the Website) or otherwise providing us with your personal data you are doing so on the basis of the general practices described in this Privacy Policy.

Where we require your consent to process your personal data in accordance with these practices, we will seek this consent at the point at which you provide us with this data. Where we wish to process your personal data for a purpose other than that for which the personal data were collected, we will notify you of that intention and obtain any further necessary consents.

1. Information we may collect from you

1.1 We may collect and process the following data about you:

(a) Information you give us. You may give us personal data about you when you use our Website, or in correspondence with us, by phone, email or otherwise. This data may include information you provide when you register to use the Website; subscribe to any of our services; place an order on the Website; post material to our Website; enter a competition, promotion or survey; report a problem with the Website; or otherwise in connection with your communications with us. The information you give us may include your name, address, email address, phone number, employer, job details, financial and credit card information, personal description and information relating to your participation in and feedback on any of our products or services.

(b) Information we collect about you. We may collect and process technical information about your computer, including (where available) your Internet Protocol address; login information; browser type and version; time zone setting; browser plug-in types and versions; operating system and platform. We may also collect and process information about your visit to our Website, including the full Uniform Resource Locators (URL) clickstream to, through and from the Website (including date and time); products you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks, and mouse-overs); methods used to browse away from the page; and any phone number used to contact us. We collect this information for system administration purposes and to report aggregate information on usage.

(c) Information we receive from other sources. We may also receive information about you from third parties, where you have consented to those third parties sharing your personal data with us. Where we receive personal data in this way, we will process it in accordance with the terms of this Privacy Policy and the terms of any consent that you provided.

2. Cookies

The Website uses cookies to distinguish you from other users of the Website. This helps us to provide you with a good experience when you browse the Website and also allows us to improve the Website. For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy.

3. Uses made of the information

3.1 We use information held about you in the following ways:

(a) to carry out our obligations arising from any contracts entered into between you and us and to provide you with any information, products and services that you request from us;

(b) to contact you (including by email, post or telephone) in relation to the products and services that you have signed up for;

(c) to contact you (including by email, post or telephone), about other products and services that we offer that are similar to those that you have already purchased, signed up for or enquired about, provided that you have opted in to receive these communications;

(d) to send you newsletters and other updates on our organisation and our products and services by email, where you have opted in to receive these;

(e) to administer and facilitate our programmes and services;

(f) to notify you about changes to our organisation or services;

(g) if you provide feedback about our Website, services or projects through a contact form or email address, to develop and improve the relevant area;

(h) to monitor the way in which our sites are used, and to ensure that content from the Website is presented in the most effective manner for you and for your computer;

(i) to administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

(j) to allow you to participate in interactive features of our service, when you choose to do so;

(k) as part of our efforts to keep the Website safe and secure; and

(l) to make suggestions and recommendations to you and other users of the Website about products or services that may interest you or them. We will only contact you about these products or services where you have opted in to receive these communications.

3.2 We will process your personal data on the basis of your consent, if requested, and/or our legitimate interests (which include (i) the performance of our obligations under any contracts entered into between you and us; (ii) the administration, improvement and promotion of our projects and our Website; (iii) management of relationships with our supporters; and (iv) for compliance with applicable laws, rules and regulations). Where possible we will seek to use aggregate data in order to achieve these aims.

3.3 Where our processing is based on your consent, and not any other legal basis, you have the right to withdraw your consent at any time. This withdrawal will not affect the lawfulness of processing prior to the withdrawal. If you inform us that you no longer wish to receive email or other communications from us, we will stop sending you these communications.

4. Disclosure of your information

4.1 In order to provide our products and services, we may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

4.2 Where we have your opt-in consent to do so, we may share your information with selected third parties who we work with in order to run and promote our projects, including but not limited to, the BBC, and participating collection administrations.

4.3 We may also disclose your personal information to third parties:

(a) if the Public Catalogue Foundation or substantially all of its assets are acquired by a third party (who will be a UK charity and a not-for-profit organisation), in which case personal data will be one of the transferred assets and the new owner may use your personal data in the same way as set out in this privacy notice;

(b) if required to do so by Law or in we believe in good faith that we are required to do so by any order of the Courts or other competent body or agency;

(c) in order to enforce or apply our Website Terms of Use and other agreements; or

(d) in order to protect or defend our rights or property or to protect the personal safety of our employees or the public at large.

4.3 We may from time to time engage third parties to perform services (including the processing of personal data) on our behalf, such as hosting our data (including your personal data) and Website; sending emails and other communications relating to our products and/or services; providing analytic services, such as tracking usage of our operational sites or websites; or performing other administrative services for us. We shall only use processors that will commit to implement appropriate technical and organisational measures in order to ensure that their processing activities meet the requirements of Data Privacy Laws and ensure the protection of your data protection rights. Prior to allowing these service providers to access your personal data, we will enter into a formal agreement with them to ensure that they handle and process the information in accordance with applicable law.

4.4 We will not share your information with parties outside of the European Economic Area (the EEA) unless we are legally permitted or required to do so. You should be aware that certain non-EEA countries do not require the same standards of protection of personal data as are legally required in the EEA. If we send your data to these countries, we will ensure that there are appropriate and suitable safeguards to protect your personal data. This will involve at least one of the following:

(a) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

(b) where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; and

(c) where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

If you require further information on these mechanisms, please contact us at info@artuk.org.

5. Data security

5.1 All information you provide to us is stored within the EEA on secure servers provided by a third party vendor. Although we will do our best to protect your personal data, we cannot guarantee the security of the information transmitted to our Website and any transmission is at your own risk. Once we have received your information, we will put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we will limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to access your data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

5.2 Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

5.3 The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. It is your responsibility to check those policies before you submit any personal data to these websites.

6. Your rights

6.1 You have the right to:

(a) request access to personal data held about you by us and be provided with information in relation to that data (including the purposes for which the data are processed, the recipients to whom that personal data have been or will be disclosed, how long it will be stored for, details of any automated decision-making and your right to lodge a complaint with the Information Commissioner’s Office);

(b) have inaccurate personal data amended or erased, and to have incomplete personal data completed;

(c) request the erasure of your personal data (the so-called ‘right to be forgotten’);

(d) object to or restrict the processing of your personal data (including where your personal data is processed for direct marketing purposes or on the basis of legitimate interests);

(e) request that your personal data be transferred to another data controller or provided in a format that will permit this transfer (the so-called ‘right to portability’);

(f) object to any decision that affects you being taken solely by a computer or other automated process (including profiling);

(g) withdraw any consent you have granted to us in connection with the use of your personal data at any time by updating your preferences in your online account via the Website or by emailing info@artuk.org; and

(h) lodge a complaint with the UK Information Commissioner’s Office (ICO) (see https://ico.org.uk/concerns/ for further details on how to lodge a complaint). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

7. Retention of personal data

Your personal data will be destroyed or erased from our systems when it is no longer required for the relevant specified purpose that it was collected for, provided that we may retain personal data in order to comply with applicable laws, regulations and rules. As a general rule, this means we will retain your personal data for the duration of your involvement with us and for up to six years afterwards. However, retention and destruction of personal data will be considered on a case-by-case basis.

8. Changes to our privacy policy

This version was last updated on 25 May 2018 and historic versions can be obtained by contacting us at info@artuk.org.

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

9. Contact

If you have any questions or concerns regarding our use of your personal data or our Privacy Policy, please email us at info@artuk.org or contact Lauren Colley, who is responsible for overseeing questions in relation to this Privacy Policy, at lauren.colley@artuk.org.

 

 

Art UK Shop Privacy Policy

The Art UK Shop, www.artuk.org/shop, (Art UK Shop) is independently operated by Internova U.K. Ltd, a company registered in England and Wales under company number 03837521 with its registered office at Provident Works, Newdigate Street, Nottingham, NG7 4FDPY (Internova). 

Art UK and Internova are joint data controllers of the personal data collected through the Art UK Shop.

Art UK is the operating name of the Public Catalogue Foundation, a charity registered in England and Wales (charity number: 1096185) with its registered office at Third Floor, Peek House, 20 Eastcheap, London EC3M 1EB. For more information on how Art UK handles personal data collected when you use the rest of the www.artuk.org website, please see our separate Art UK Privacy Policy above.

The Public Catalogue Foundation and Internova (We, us, our) are committed to protecting and respecting your privacy. The Data Protection Act 1998, the General Data Protection Regulation, and other applicable national data privacy laws (together, Data Privacy Laws) place obligations on us in relation to the personal data that we collect and hold. This Privacy Policy (together with our Art UK Shop Terms and Conditions of Supply and Art UK Website Terms of Use) sets out how we comply with Data Privacy Laws, including detailing the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. 

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting the Art UK Shop you are accepting and consenting to the practices described in this policy. 

Where we require your consent to process your personal data in accordance with these practices, we will seek this consent at the point at which you provide us with this data. Where we wish to process your personal data for a purpose other than that for which the personal data were collected, we will notify you of that intention and obtain any further necessary consents.

1. Information we may collect from you

We may collect and process the following data about you:

(a) Information you give us. You may give us personal data about you when you use the Art UK Shop, or in correspondence with us, by phone, email or otherwise. This data may include information you provide when you register to use the Art UK Shop; subscribe to any of our services; place an order on the Art UK Shop; enter a competition, promotion or survey; report a problem with the Art UK Shop; or otherwise in connection with your communications with us. The information you give us may include your name, address, email address, phone number, employer, job details, financial and credit card information, personal description and information relating to your participation in and feedback on any of our products or services.

(b) Information we collect about you. We may collect and process technical information about your computer, including (where available) your Internet Protocol address; login information; browser type and version; time zone setting; browser plug-in types and versions; operating system and platform. We may also collect and process information about your visit to the Art Uk Shop, including the full Uniform Resource Locators (URL) clickstream to, through and from the Art Uk Shop (including date and time); products you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks, and mouse-overs); methods used to browse away from the page; and any phone number used to contact us. We collect this information for system administration purposes and to report aggregate information on usage.

(c) Information we receive from other sources. We may also receive information about you from third parties, where you have consented to those third parties sharing your personal data with us. Where we receive personal data in this way, we will process it in accordance with the terms of this Privacy Policy and the terms of any consent that you provided.

2. Cookies

The Website uses cookies to distinguish you from other users of the Website. This helps us to provide you with a good experience when you browse the Website and also allows us to improve the Website. For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy.

3. Uses made of the information

3.1 We use information held about you in the following ways:

(a) to carry out our obligations arising from any contracts entered into between you and us and to provide you with any information, products and services that you request from us including to process and fulfil orders;

(b) to contact you (including by email, post or telephone) in relation to orders and to improve the Art UK Shop;

(c) to contact you (including by email, post or telephone), about other products and services that we offer that are similar to those that you have already purchased, signed up for or enquired about, provided that you have opted in to receive these communications;

(d) to send you newsletters and other updates on our organisation and our products and services by email, where you have opted in to receive these;

(e) to administer and facilitate our programmes and services;

(f) to notify you about changes to our organisation or services;

(g) if you provide feedback about our the Art UK Shop, services or projects through a contact form or email address, to develop and improve the relevant area;

(h) to monitor the way in which the Art UK Shop is used, and to ensure that content from the Art UK Shop is presented in the most effective manner for you and for your computer;

(i) to administer the Art UK Shop and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

(j) as part of our efforts to keep the Art UK Shop safe and secure; and

(k) to make suggestions and recommendations to you and other users of the Art UK Shop about products or services that may interest you or them. We will only contact you about these products or services where you have opted in to receive these communications.

3.2 We will process your personal data on the basis of your consent, if requested, and/or our legitimate interests (which include (i) the performance of our obligations under any contracts entered into between you and us; (ii) the administration, improvement and promotion of the Art UK Shop; and (iii) for compliance with applicable laws, rules and regulations). Where possible we will seek to use aggregate data in order to achieve these aims.

3.3 Where our processing is based on your consent, and not any other legal basis, you have the right to withdraw your consent at any time. This withdrawal will not affect the lawfulness of processing prior to the withdrawal. If you inform us that you no longer wish to receive email or other communications from us, we will stop sending you these communications.

4. Disclosure of your information

4.1 In order to provide our products and services, we may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

4.2 Where we have your opt-in consent to do so, we may share your information with selected third parties who we work with in order to run and promote our projects, including but not limited to, participating collection administrations.

4.3 We may also disclose your personal information to third parties:

(a) if required to do so by Law or in we believe in good faith that we are required to do so by any order of the Courts or other competent body or agency;

(b) in order to enforce or apply our Art UK Shop Terms of Use and Supply and other agreements; or

(c) in order to protect or defend our rights or property or to protect the personal safety of our employees or the public at large.

4.3 We may from time to time engage third parties to perform services (including the processing of personal data) on our behalf, such as hosting our data (including your personal data) and the Art UK Shop; sending emails and other communications relating to our products and/or services; providing analytic services, such as tracking usage of our operational sites or websites; or performing other administrative services for us. We shall only use processors that will commit to implement appropriate technical and organisational measures in order to ensure that their processing activities meet the requirements of Data Privacy Laws and ensure the protection of your data protection rights. Prior to allowing these service providers to access your personal data, we will enter into a formal agreement with them to ensure that they handle and process the information in accordance with applicable law.

4.4 We will not share your information with parties outside of the European Economic Area (the EEA) unless we are legally permitted or required to do so. You should be aware that certain non-EEA countries do not require the same standards of protection of personal data as are legally required in the EEA. If we send your data to these countries, we will ensure that there are appropriate and suitable safeguards to protect your personal data. This will involve at least one of the following:

(a) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

(b) where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; and

(c) where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

If you require further information on these mechanisms, please contact us at info@artuk.org.

5. Data security

5.1 All information you provide to us is stored within the EEA on secure servers provided by a third party vendor. Although we will do our best to protect your personal data, we cannot guarantee the security of the information transmitted to our Website and any transmission is at your own risk. Once we have received your information, we will put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we will limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to access your data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

5.2 Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

5.3 The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. It is your responsibility to check those policies before you submit any personal data to these websites.

6. Your rights

6.1 You have the right to:

(a) request access to personal data held about you by us and be provided with information in relation to that data (including the purposes for which the data are processed, the recipients to whom that personal data have been or will be disclosed, how long it will be stored for, details of any automated decision-making and your right to lodge a complaint with the Information Commissioner’s Office);

(b) have inaccurate personal data amended or erased, and to have incomplete personal data completed;

(c) request the erasure of your personal data (the so-called ‘right to be forgotten’);

(d) object to or restrict the processing of your personal data (including where your personal data is processed for direct marketing purposes or on the basis of legitimate interests);

(e) request that your personal data be transferred to another data controller or provided in a format that will permit this transfer (the so-called ‘right to portability’);

(f) object to any decision that affects you being taken solely by a computer or other automated process (including profiling);

(g) withdraw any consent you have granted to us in connection with the use of your personal data at any time by updating your preferences in your online account via the Art UK Shop or by emailing shop@artuk.org and info@artuk.org; and

(h) lodge a complaint with the UK Information Commissioner’s Office (ICO) (see https://ico.org.uk/concerns/ for further details on how to lodge a complaint). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

7. Retention of personal data

Your personal data will be destroyed or erased from our systems when it is no longer required for the relevant specified purpose that it was collected for, provided that we may retain personal data in order to comply with applicable laws, regulations and rules. As a general rule, this means we will retain your personal data for the duration of your involvement with us and for up to six years afterwards. However, retention and destruction of personal data will be considered on a case-by-case basis.

8. Changes to our privacy policy

This version was last updated on 25 May 2018 and historic versions can be obtained by contacting us at info@artuk.org.

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.

9. Contact

If you have any questions or concerns regarding our use of your personal data or our Privacy Policy, please contact either Lauren Colley, who is responsible for overseeing questions in relation to this Privacy Policy on behalf of Art UK, at lauren.colley@artuk.org or contact Rob Lees, who is responsible for overseeing questions in relation to this Privacy Policy on behalf of Internova, at rob.lees@Internova.co.uk.