Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, [Art Therapy Now].
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a user’s computer or device.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
We process your information in the following ways:
Information you give us.
You may give us information about you by filling in forms on the Site or by corresponding with us by phone, e-mail, or otherwise. This includes information you provide when you, subscribe to one of our courses, place an order on our site, leave comments, reviews, or testimonials, Members’ Portals, or other social media functions on our site. The information you give us may include your name, address, email address, and phone number, financial and credit card information, personal description and photograph, amongst other information.
Information we collect about you.
Regarding each of your visits to the Site we may automatically collect the following information:
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Uses made of the information
We may use information held about you in the following ways:
Information you give to us may be used:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
- to provide you with information about other services we offer that are similar to those that you have already enquired about;
- to notify you about changes to our service;
- to ensure that content from the Site is presented in the most effective manner for you and for your computer.
Information we collect about you, may be used:
- to administer the Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve the Site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep the Site safe and secure;
Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).
Disclosure of your information
We may share your personal information with any member of our group, which means any subsidiaries, any ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
If the Company or substantially all its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; and
Where we store your personal data
All information you provide to us is stored on our servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by contacting us at the Company Address.
The Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. A
Data retention period:
We shall continue to process your information until the contract between us ends or is terminated under any contract terms.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
Some cookies are required to enjoy and use the full functionality of this website.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Transparent Privacy Explanations
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences.