Here at the DCCA, we are committed to protecting the privacy of anyone using our site and the confidentiality of any information that you provide us with. The purpose of this statement is to set out how we use any personal information that we may obtain from you.
The EU General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a new EU regulation aimed at helping to strengthen data protection for EU citizens and residents both within the EU and the wider world and will be effective from 25th May 2018.
This new legislation will replace current data privacy law, giving more rights to you as an individual and more obligations to organizations holding your personal data. It replaces the existing Data Protection Directive (1995).
Who are we?
DCCA is the “data controller” (contact details below). This means it decides how your personal data is processed and for what purposes.
In general, you can visit our website without telling us who you are and without revealing any information about yourself.
If, however, you use our mailing list, blog comments or products, you will be asked to provide certain information such as your contact details and this data will be stored.
How do we use your Data?
We use your personal data for the following purposes:
What are cookies?
Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Cookies are small text files that are placed on your computer by websites that you visit, for example, they ensure items are placed into your Shopping Basket and orders are processed correctly or they might record how long you spend on each page or what links you click.
If you wish, you can usually adjust your browser so that your computer does not accept cookies. Please remember cookies do not contain confidential information such as your home address, telephone number or credit card details. We do not exchange cookies with any third party websites or external data suppliers.
Visitors to our Website
When someone visits DCCA we use a third-party service, Google Analytics.
They gather anonymous standard internet log information and details of visitor behaviour patterns, for example, data of how people are using our site and then provide us with the visitor statistics, details of page views etc.
Adding a Blog Comment
Should you choose to add a comment to any posts or online courses that we have published on the DCCA blog, the name and email address you enter and your comment will be saved to our website’s database, along with your computer’s IP address and the time and date that you submitted the comment.
This information is only used to identify you as a contributor to the comment section and is not passed on to any of the third party data processors. Only your name will be shown on the public-facing website although if the supplied email address is linked to a Gravatar account, your Gravatar photo will also be displayed.
Your comment and its associated personal data will remain on this site until we see fit to either:
Should you wish to have the comment and its associated personal data deleted, please email me using the email address that you commented with.
If you are under 16 years of age you MUST obtain parental consent before posting a comment on our blog.
When you sign up for an email newsletter, we use a third party provider, MailChimp.com to deliver our monthly (ish) updates. MailChimp gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our emails.
Your email address, name and any other information you provide us with are held in strict confidence. Your information is only kept so that DCCA, whose email list you subscribed to, can email you. We do not sell or share your information with anyone else.
Don’t forget, if you have previously subscribed to our mailing list and want to unsubscribe, you can click the unsubscribe link at the bottom of every email or email me at sarah_drew(at)dorsetcentreforthecreativearts.co.uk at any time.
This website is built on (WordPress) a website content management system (CMS). This service may collect anonymous information about users’ activity on the website, for example, the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it.
WordPress requires visitors that want to post a comment, to enter a name and email address. If you submit a comment to a blog post published on this website or if you submit a contact form, some personal information will be stored in this website’s database.
These are currently the only occasions where personal data will be stored on this website. For more information about how WordPress processes data, please see BackWPup’s privacy notice.
DCCA is not currently a participant in any affiliate advertising program. In future DCCA may participate in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn affiliate fees by linking to books on Amazon.com and Amazon.co.uk. If we include links to certain art education books and art supplies books on this website then DCCA will earn an affiliate commission for any purchases you make. Please note DCCA will not be given any free products, services or anything else by these companies in exchange for mentioning them on my site.
Security & Hosting
At the DCCA, we endeavour to take security seriously and have taken extra steps to protect your personal information.
We use a third party service BackWPup which is a WordPress plugin to help maintain the security, backups, and performance of the website.
The domain and hosting for DCCA are provided by Hostgator within a secure US data center. The data center’s security features are listed at https://www.hostgator.com/network.
Ordering using RomanCart
The DCCA uses RomanCArt as a secure payment processor. When you ‘Place your Order’ you are taken to a secure payment page hosted by Weymouth College. RomanCart uses Transport Layer Security (TLS) protocol to encrypt these communications.
For security reasons, we strongly recommend that you do not send credit card numbers by standard email but use the secure facility provided via this website. We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data that you disclose online and we will not be responsible for any breach of security unless this is due to our negligence or wilful default.
Our third-party services (data processors)
We do not sell your information to any third-party providers.
However, we do use third-party services to deliver our products and operate our business.
In general, the third-party providers will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
Each provider has information on their GDPR.
People who contact us via Instagram
We use a third-party provider, Instagram for sharing photos, if you send me a private or direct message via Instagram, the message will be stored by Instagram.
People who contact us via Facebook
We use a third-party provider, Facebook for keeping everyone up to date about courses and events at the DCCA, if you send me a private or direct message via Facebook, the message will be stored by Instagram.
People who email us
We use Gmail for our primary email. You should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
People who make a complaint to us
When we receive a complaint from a person we make up a file containing the details of the complaint.
This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide.
What information is an individual entitled to under the GDPR? – Your rights and Personal Data
Under the GDPR, individuals will have the right to obtain:
The data controller of this website is DCCA whose office is: Dorset Centre for the Creative Arts, Middle Farm Way, Poundbury, DT1 3AR.
To exercise all relevant rights, queries or complaints please in the first instance contact: sarah_drew(at)dorsetcentreforthecreativearts.co.uk
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
DCCA may update this policy and you should check this page from time to time to ensure that you are happy with any changes.
DCCA: Last Updated – May 14th 2018
Information Commissioner’s Office
You can contact the Information Commissioner’s Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.