1. OUR DETAILS
1.1 A Data Controller is an individual or organisation that determines the purposes and means of processing personal data.
1.2 Contact details for our data controller are:
156 Great Charles Street
2. LAWFUL BASIS OF PROCESSING INFORMATION
2.1 As an arts community website, we deliver an editorial service to publish British Asian and South Asian arts content on this Site.
2.3 The General Data Protection Regulation ensures that we comply with a series of data protection principles. These principles are there to protect you and they make sure that we:
a) Process all personal information lawfully, fairly and in a transparent manner.
b) Collect personal information for a specified, explicit and legitimate purpose.
c) Ensure that the personal information processed is adequate, relevant and limited to the purposes for which it was collected.
d) Ensure the personal information is accurate and up to date.
e) Keep your personal information for no longer than is necessary for the purpose(s) for which it was collected.
f) Keep your personal information securely using appropriate technical or organisational measures; which may also be managed and administered by third-party suppliers.
3. HOW WE COLLECT INFORMATION ABOUT YOU
3.1 Your decision to disclose information about you on our Site is entirely voluntary, and by doing so, you are providing us with specific consent to use your personal data only for the purposes for which you have disclosed it to us.
3.2 Therefore, we may collect information about you using the following methods and technologies on our Site:
a) Content Management System (CMS)
We use an industry-led content management system (CMS) for our Site. We may collect information from you using our in-house designed and implemented website architecture which uses software created and developed as third-party plugins to work specifically with this CMS (hereby known as ‘CMS software’) including but not limited to electronic forms, social sharing, comments and pingbacks to provide our services to you.
The Site is separately deployed and managed from the DESIblitz.com website implementation for technical, security and performance reasons.
b) CMS Data Storage
The data collected using the website CMS software is stored in a secure database which has only the data collected written to it when you visit and provide data to our Site.
When collecting your data, you use a secure connection using the HTTPS protocol with a certificate to encrypt your data travelling between our Site and your browser. We also use an internet firewall to safeguard our website for added protection from attacks and spam.
d) Electronic Forms
We use electronic forms to capture data about you on our Site identified by the following submissions of data made by you:
i) information provided by you when you complete our ‘Submit Works and ‘Contact Us’ forms;
ii) information you provide in an electronic form when subscribing to any service offered by us on our Site, including newsletters and email marketing.
We use Google electronic mail service for all our email communication for our Site. Therefore, we use this service to process the information you provide when we receive data from completed electronic forms as in (d) above, when you request further support, help or services by directly email. Email messages sent to us from you may include your email address, email addresses of CC and BCC recipients, subject, encryption policy, your message and signature (if used).
We use standard UK Royal Mail postal services for receiving any information you may send to us by post. We may keep a record of any correspondence if you should contact us by post.
Any faxes sent to us using our facsimile number are automatically converted to electronic copies and subsequently received by us via Google email.
For our business telephone communications, we use Voice over IP (VoIP) provider of digital telephone services. Using this service we may make and keep written notes of telephone conversations but not personal data. If you leave a voicemail due to our unavailability, we are notified by email of the voicemail and telephone number it was left by. Any mobile communications with us are managed by the mobile networks we use.
i) Website Usage Data
When you visit our Site we may collect statistical data on an ongoing basis through Google Analytics, a third-party tool provided by Google linked to our Site. This may include data about what pages you access or visit, and information about your use of our Site. For example, the pages viewed, how long you stay on a page and the website from which you came to visit our Site, for example, a search engine, social media or a referral website.
Visit here to learn more information about how we use this third-party service to collect and use information about this Site.
3. PERSONAL INFORMATION WE COLLECTION ABOUT YOU
3.1 During your visit to our Site, we may collect personal data about you with your consent which is required in order to provide our services to you.
a) Your Profile Account
If you register with our Site as a subscriber or registered by us in an editorial capacity as a member, your information including your username, first name, last name, email, website URL, social media handles and password are stored in the CMS database as an account with a profile. You shall manage your profile account using your username and password. This information is stored in our CMS database. You are therefore responsible for the security and accuracy of that information. You are advised to change your password on a regular basis as good security practice.
Should you want your profile deleted from our Site, please contact us by email email@example.com.
b) Contact Us
When you contact us we may collect specific personal information about you depending on what medium you use to contact us – electronic forms, email, telephone and post.
c) Electronic Forms
The information we may collect from you on our ‘electronic forms on our Site can be when you:
i) Contact Us – your full name, email, website URL, selection of a reason for your communication, and your message.
ii) Submit Works – your full name, email, telephone number, message and any file attachments you submit.
The information we may collect from you when you contact us by email may include your email address, email addresses of CC and BCC recipients, subject, encryption policy, your message and signature which may include social media accounts (if used). Your email address may added to our contacts list to recall when sending you reply emails.
The information we may collect from you if you contact us by telephone may include your name, your company name (if calling from an organisation) and reason for your call. We may collect your telephone contact number, should you give it to us, especially for a return call by a specific team member, as required to address your query.
The information we may collect from you if you contact us by post may be the details sent to us as your sending address on the envelope, details on compliment slip and any other information supplied by you for our attention, which may include contact information, website address, social media accounts and email address.
e) Newsletter and Email Marketing
We may collect personal data from you which is required with your consent to send you our periodic newsletter and marketing updates associated with our website and business partnerships which are relative to our service provided to you.
The information collected may include your first name, last name and email address via an electronic subscription form. You may have options detailing what kind of updates you would like to receive.
To capture your information we use an electronic form provided by Mailerlite, our third-party newsletter and email marketing management system.
f) IP Addresses
We may collect information about your device – mobile, computer, tablet, and ISP provider; for system administration and to improve our service. This is statistical data concerning your internet connection to our website and does not identify you as an individual and only your device.
This information includes your IP address, and where available the browser type you are using. Your IP address is first scanned by our internet firewall to ensure it is not blacklisted or of a threat and stored in a firewall log. It is then captured on our server log at our hosting company, where our website hosting server is housed at DigitalOcean, London.
Other uses of your IP address for our website are:
a) if we use third-party push notification software to register you as a subscriber to receive a push notification every time a post is published on our Site. The software subscribes you to ‘allow’ your or ‘block’ push notifications using your IP address and your browser or mobile device. You can unsubscribe from this service at anytime.
g) Sensitive Data
GDPR specifies a set of personal data categories which are considered to be “sensitive”, and which require special consideration by Data Controllers. This Site, and any services available from this Site do not knowingly collect or process any sensitive personal data.
4. HOW WE SECURE AND STORE YOUR PERSONAL INFORMATION
4.1 We will treat all of your information in strict confidence and we will endeavour to take all reasonable steps to keep your personal information secure once it has been transferred to and stored on our systems.
4.2 We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, and data stored on the Site and associated database.
a) Secure Connection
Our Site uses a secure SSL certificate based connection using the HTTPS protocol. To ensure any information passed to and back from our website is encrypted.
We will do our best to protect your personal data, whilst we use the industry standard security protocol HTTPS as used by online banks and other e-commerce websites, but the internet is not a completely secure medium, therefore, we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us liable for any data breach.
b) Database Security
Data stored and used by our CMS is stored in secure password controlled database servers, which reside on our hosting server at DigitalOcean, London.
Email messages will use standard email security known as TLS. But may use addition encryption depending on how they are sent. We use Google email security for the transportation of our inbound and outbound messages.
If you call us on our landline and leave a voicemail, the voicemail is stored on the Soho66 servers and sent to us by email. After listening we may decide to archive or delete the voicemail on our Google email server.
f) Business Documentation
Any information related to a business transaction with you is stored in electronic documentation form and uploaded to our secure Dropbox account. Files are protected by Dropbox in transit between their apps and our servers. Documentation includes invoices and any other documentation which has relevance to our services provided to you.
5. HOW WE USE AND PROCESS YOUR PERSONAL INFORMATION
5.1 The personal data submitted by you on our Site may be used and processed in the following ways:
a) to allow you to use our editorial services in the form of published content on our website;
b) to ensure that the content of our site is presented in the most effective manner for you and your computer;
c) if you are registered with our website, to allow you to you access and update your profile;
d) as a business, to provide you with our services to carry out our tasks concerning any agreements entered into between you and us, including but not limited to email communications, telephone calls and invoicing;
e) to allow us to analyse your personal preferences and personalise our services to you;
f) to notify you of newly published content if you are registered for notifications;
g) to notify you of any changes to our service;
h) to send you email notifications which you have specifically requested;
i) to be contacted, to provide you with the information services requested from us or in the event that we feel will be of interest to you;
j) to allow you to participate in interactive features of our service, should you choose to do so;
k) to send to you a newsletter and marketing communications relating to our websites, to which you have consented and subscribed. You will be able to opt-out of such communications at any time by unsubscribing or contacting us by email: firstname.lastname@example.org;
l) to comply with any legal obligations to which we are subject;
m) to deal with requests, enquiries and complaints made by or about you relating to our Site.
If you do not want your data used in this way please contact us by email: email@example.com
6. WHO WE SHARE YOUR INFORMATION WITH
6.1 As part of using our Site services, you consent to us sharing your personal information with the following parties.
a) our Site service providers and third-party partners, who process and store data on our behalf;
b) professional advisors;
c) law enforcement agencies;
d) [if you select via the [opt-in process], trusted third parties whose products, services and other offers we believe may be of interest to you;
e) we may transfer your personal data outside of the European Economic Area (EEA). We shall ensure that any such transfers are lawful and that your information is kept secure in accordance with the GDPR;
f) we will not sell, share or disclose your personal information to anyone or any third party unless:
i) in the event that we, our business, or substantially all of its assets are acquired by a third party (in which case personal information about you will be one of the transferred assets);
7. HOW LONG WE RETAIN YOUR PERSONAL INFORMATION
7.1 We only store your personal information for as long as necessary for the purposes to provide you with the services of our Site.
7.2 We regularly review your personal information about you every 2 years. Our retention of your data depends on the following:
a) the current and future value of your information to us for our business use exclusively;
b) the costs, risks and liabilities associated with retaining your information; and
c) the ease or difficulty of making sure it remains accurate and up to date relative to our business.
7.3 Therefore, we delete personal data we definitely do not longer need or has no purpose to our business, every 2 years.
7.4 Any personal information that does not need to be accessed on a regular basis, but however, still needs to be retained, we shall safely archive or take offline completely, making it non-accessible or visible. You still have complete access to any archived data, for which you can make a request.
7.5 You may at any time request the removal of your personal information by contacting us by email: firstname.lastname@example.org.
8. USE OF WEBSITE COOKIES
8.2 Cookies are small text files sent by us to your computer, or from your computer or mobile device to us each time you visit our Site. They are unique to you or your web browser and have an expiration date pre-set.
8.4 We use both session-based and persistent cookies, dependent upon how you use or interact with our Site.
8.5 Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them, or until they expire.
a) remember you when you visit this website to keep track of your use of our website;
b) make our website work as efficiently as possible; note, you can disable any cookies already stored on your computer, but these may stop our website from functioning properly;
c) administer services to you and to advertisers;
f) we may use third-party cookies and you may choose to opt-out of third-party cookies from their website. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. It should be noted that no personal information is stored, saved or collected.
8.7 Most browsers allow you to turn off cookies. To do this look at the “help” menu on your browser. Switching off cookies may restrict your use of the website and/or delay or affect the way in which it operates.
9. THIRD PARTY ADVERTISING COOKIES
9.1 Some advertisements you see on our website may be generated by third parties.
9.2 Some of these third parties generate their own cookies (or web beacons) to track how many people have seen a particular advertisement (or use the services of third parties to do this), and to track how many people have seen it more than once.
9.3 These cookies cannot be used to identify an individual; they can only be used for statistical purposes, for example, in providing you with advertisements that are more relevant to your interests. Some of the information gleaned from third party cookies will be aggregated with other anonymous information for statistical purposes.
9.4 The third party companies that generate these cookies have their own, very strict, privacy policies but we don’t have access to these cookies; other than allowing them to be served, we have no role to play in these cookies at all (although we may use statistical information arising from these third party cookies and provided to us by third parties, to improve the targeting of advertisements to users of the website).
9.5 If you would like to disable “third party” cookies generated by advertisers or providers of targeted advertising services, you can turn them off by going to the third party’s website and getting them to generate a one-time “no thanks” cookie that will stop any further cookies being written to your machine.
9.6 You can also visit the trade body representing these advertising companies for more information on how to opt out of these cookies: http://youronlinechoices.com/
10. USE OF THIRD PARTY WEBSITE LINKS
10.1 From time to time our website and content may contain links to and from our website to other publications as source citations, partner networks, advertisers and affiliates. If you visit any of these external websites please note that they have their own privacy policies and you should check these before submitting any personal data. We cannot accept any responsibility or liability for these websites or their content/policies.
10.2 Your rights in relation to your personal information
10.3 You can exercise your right to access any personal information we hold about you. The information requested is free-of-charge, for up to three requests for the same information.
10.4 However, if the information requested is repetitive, manifestly unfounded or excessive. We can charge you an administration fee of £50.00 to provide the requested information.
10.5 Your rights related to your personal information are:
a) Access to your personal data – access to a copy of your personal information held by us;
c) Processing confirmation – confirmation that your personal information is being processed and used;
d) Right to withdraw – where you have given your consent for us to use your personal information, you may withdraw your consent at any time. Please contact us if you would like to withdraw your consent and we will delete your data in line with your right to erasure (see below);
e) Rectification – you may ask us to rectify inaccurate personal information held about you. If you would like to update the data we hold about you, please contact us using the details below and provide the updated information;
f) Erasure – you may ask us to erase and delete your personal data permanently which is also known as ‘the right to be forgotten’. If you would like us to delete the personal data we hold about you, please contact specifying why you would like us to delete your personal data;
g) Portability – you may ask us to provide you with the personal information that we hold about you in a structured, commonly used, machine-readable form, or ask for us to send such personal data to another data controller;
i) Make a complaint – you may make a complaint about our data processing activities by contacting us with the exact reason for your complaint and how we can help rectify it. You can also contact the lead supervisory authority, the Information Commissioner’s Office (ico), if you have any concerns.
10.6 For any of the above personal information requests, please send an initial email to email@example.com with the following information:
a) your legal name, address, email and telephone number;
b) description of your request.
10.7 We will then subsequently contact you confirming the receipt of your request and shall provide you the information within one month of receiving your request.
10.8 However, if obtaining the information requested is complex or numerous, we may take longer and up to twelve months. You will be notified within a month of your request, should this be the case.
10.9 Information requested will be sent to you in electronic format as per your request i.e. by email, using our email provider, Google mail.
11. YOUR PERSONAL INFORMATION ACCURACY
11.1 To ensure we store accurate information for you. If you would like to update the personal data we hold about you, can update your own profile information by logging into our website with your personal credentials or you contact us on firstname.lastname@example.org with your request.
Contacting DESIblitz Arts
If you have any other general enquiries please contact us at email@example.com