At ArtSpring Gallery, we are committed to protecting your privacy. This policy explains when and why we collect personal information about people who contact us and/or visit our gallery and website, how we use it, the conditions under which we may disclose it to others and how we keep it secure. We may change this policy from time to time, so please check this page to ensure that you are happy with any changes.
How do we collect information from you?
You may provide us with information by corresponding with us in person, by phone, by e-mail, or online. This includes information you provide when you use our website, enquire about or purchase an artwork, or attend an exhibition, art fair or gallery event.
What type of information is collected from you?
The personal information we collect might include:
- Your name, address, email address and phone number
- Financial and debit/credit card information should you purchase an artwork from us
- Browser information when you visit our website such as IP address, your browser type and language
- Information that you provide to us by email or in person at our gallery, art fairs or events
How is your information used?
We may use your information to:
- Process a purchase that you have made;
- Carry out our obligations arising from any contracts entered into by you and us;
- Better understand how our website visitors use our website;
- Respond to any of your email communications to us or process any complaints we receive;
- Provide information about our artwork and services to you;
- Keep you informed about events, artists and exhibitions, and send you communications that you have requested or that may be of interest to you; and/or
- Process a membership/guest artist application that you have made.
If we have asked you for your agreement to use your data, we are using it under the legal basis of Consent. For purchases, contracts and membership/guest artist applications, we use your data under the legal basis of (taking steps to) perform a Contract with you. Otherwise, we use your data as set out above on the legal basis of our Legitimate Interests of properly administrating, monitoring and improving our business and our website. We may also use your data as required to fulfil our legal obligations.
Who has access to your information?
We will not sell or rent your information to anyone. Neither will we share it with anyone for their marketing purposes.
We will share your information with our service providers, WordPress, iZettle and MailChimp and our accountants and/or auditors, only as far as reasonably necessary for us to use it for the purposes listed above and as required to fulfil our legal obligations.
You have a choice about whether you wish to receive information from us. If you do not want to receive direct marketing communications from us then you can request to be removed from our database or unsubscribe from our newsletter.
The accuracy of your information is important to us. If you change your email address, or if any of the other information we hold is inaccurate or out of date, please contact us so we can update our records.
You have the right to ask for a copy of the information ArtSpring Gallery hold about you.
How we protect your Personal Data
When you give us personal information, we take steps to ensure that it is treated securely. We have implemented generally accepted standards of technology and operational security to protect personal data from loss, misuse, or unauthorised alteration or destruction.
We will notify you promptly if we become aware of any breach in the security of your personal data which might expose you to serious risk.
How long do we keep your information?
Our data retention policies and procedure are designed to help ensure that we comply with our legal obligations under GDPR. We need to keep some types of information for a certain time to be able to fulfil future legal obligations, for example financial records regarding purchases, compliance with tax requirements and exemptions, and the establishment, exercise or defence of any legal claims. We will destroy (or fully anonymise) personal data that we process for any purpose(s) once it is no longer useful for those purposes and no longer needed to fulfil any legal obligations as explained above.
Links to other websites
If you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of that third-party site and recommend that you check the policy of that third-party site.
Children and Personal Information
We do not knowingly collect Personal Information from people aged under 16 without their parent or guardian’s consent. If we become aware that somebody aged under 16 has provided us with Personal Information without such consent, we will take steps to delete that information (except to the extent that we need it to fulfil our legal requirements).
Transferring your information outside Europe
We will not transfer information about you outside the European Economic Area without suitable safeguards. Of our service providers listed above, WordPress and iZettle are based in the EEA; MailChimp is based in the USA and is listed as behind the data privacy shield.
Contacting Us and any Complaints
If you have any concerns about our use of your information, please let us know in person, by email or post to the addresses above so that we can resolve them. You also have the right to make a complaint to a supervisory authority that regulates and supervises the use of personal data (for UK residents, this is the Information Commissioner’s Office, which can be contacted via its helpline on 0303 123 1113).