If you are a workshop participant or customer of Shining Edge Arts / Anne Thomas, or have communicated with me through my website, I hold a small amount of information about you which falls under the category of Personal Data. Anne Thomas is the Data Controller of this information, under the EU General Data Protection Regulation.
What I hold and why
I hold only the minimum amount of data I need to send to you information about workshops, news, artwork and events. This data is what you have normally have provided to me when making a booking, enquiry, purchase or have requested to be added to my database when at an event. This is likely to be:
Email access tracking (via third party)
The purposes of holding this information are:
Provision of the services to you (performance of a contract/legitimate interests)
Administration (legitimate interests)
Marketing (with consent or ‘soft opt-in’)
You can withdraw marketing consent at any time by emailing email@example.com or clicking the unsubscribe link in one of my emails. Please note that if you unsubscribe I will continue to hold a small amount of personal data for compliance purposes (to ensure that I don’t accidentally mail you again).
Who the information is shared with
I do not share your information with any parties. I do use social media (Facebook and Instagram) but only share photos of you on social media with your consent – I also seek consent prior to sharing photos with the media. Facebook are based in the US, and have their own Privacy policies – I am not responsible for Facebook’s use of data that you place on the site. Please advise me if you do not wish photos to be placed on social media.
I use Sendinblue for sending out newsletters; all emails from this source carry information on how to unsubscribe. Doing so will not affect your ability to access our services, though it will mean I cannot mail you information about the new workshop dates, products and events we’re running. Sendinblue data is hosted (which means held) in the US where privacy law is different. However, Sendinblue have signed up to Privacy Shield, which provides an adequate level of protection in EU law, and carry additional security certifications, so you can be confident in the protection this offers.
How long I keep your data
I will only keep your data for as long as I need it. I will hold your information for no more than 6 months if you use our services. Where you are subscribed to my marketing list, I will stop emailing you if you have not opened any of my last 10 emails, though a small amount data will continue to be held for compliance purposes for up to 1 year. Remember, it is easy to unsubscribe at any time, by clicking the unsubscribe button at the bottom of emails sent to you.
You have various rights under the GDPR:
To object to an aspect of processing;
To ask me to correct your data;
To ask me to erase your data;
To ask me to provide you with a copy of your data.
You can make requests to me on any of these by emailing firstname.lastname@example.org You can also make complaints on any aspect of our data protection practice to the Information Commissioner’s Office www.ico.org.uk, although I would ask that you contact me first so that we can try and resolve things for you.
Thanks for supporting my work,