Victoria Art Gallery Limited (“us”, “we”, or “our”) operates victoriaartgallery.co.uk (the “Service”).
This page informs you of our policies regarding what types of Personal Data we collect from you, how it is used by us, how we share it with others, how you can manage the Personal Data we hold and how you can contact us.
We use your Personal Data for providing and improving the Service. By using the Service and expressing consent when requested, you agree to the collection and use of information in accordance with this policy.
While using and engaging with the Service, we collect certain personally identifiable information (“Personal Data”) which is necessary, relevant and suitable for the purpose you are providing it for. Some of this information is aggregated or encrypted and does not identify you personally, but provides us with information about how you use and engage with the Service.
Personally identifiable information may include, but is not limited to:
- Phone number
- Email address
- The date and time you used the Service
- The places you visited and amount of time visited for
- IP address
- The browser and device you used
- The url from which you accessed the Service
- Any information within correspondence you send to us.
If you supply Personal Data on behalf of someone else, you confirm that the other person has appointed you to act on their behalf and has given you consent to do so.
We only use your Personal Data for the purpose for which it has been collected for, and in particular for the following reasons:
- To understand your needs and provide you with a better experience
- To share with the employees of this Service to help with enquiries and respond to your correspondence
- Used for statistical analysis for management purposes in order to administer, market or improve the Service.
- Internal record keeping and administrative purposes to ensure we operate our business in an efficient and effective manner.
- Contact you from time to time about promotions, events, products, services or information which we think may be of interest to you (don’t worry we won’t bombard you).
You will always have the option not to receive marketing communications from us and we will only contact you if you have given us your consent to do so. You can withdraw your consent or object at any time by contacting us at firstname.lastname@example.org, or in relation to marketing messages you receive, by using the unsubscribe option included in those messages.
We will never share, sell or rent your Personal Data to any third parties.
You have the right, at any time, to ask for a copy, transfer, update or correct any information we hold about you. If you wish to do this, please contact us at email@example.com.
Your Personal Data is retained for as long as necessary to fulfil the purposes of the Service. Any Personal Data submitted through this Service, is stored by the Service host’s secure UK based data centre. The Service is also protected by multiple Anti-Malware Firewalls and encrypted by 2048 bit Secure Socket Layer (SSL) certificate. For information on Third party data retention, please browse down to Service Provider information. Data is backed-up daily by the Service host and retained for one month before deletion.
The only exceptions to the periods mentioned above are where:
- The governing law requires us to hold your Personal Data for a longer period, or delete it sooner
- You exercise your right to have the Personal Data erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under governing law.
You have the ‘right to be forgotten’. If you would like us at anytime to delete your Personal Data we will gladly do so, simply email us at firstname.lastname@example.org. We will delete all the Personal Data we hold about you and anything else that is associated with you. However, please note that if you use any of our services which require you to provide Personal Data, deleting our records may mean that you will need to resubmit it to continue using such services.
Please keep in mind that some information may remain in our records after deletion. We may use any aggregated/encrypted data derived from or incorporating your Personal Data after you update or delete it, but not in a manner that would identify you personally.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.
- Statistical analysis
- To understand user behaviour
- To administer the Service
- To tailor the information presented to a user based on their preferences, and to improve user experience.
By default, the majority of popular web browsers automatically permit websites to deploy Cookies onto your device. To delete or disable Cookies on your preferred browser, we recommend reading this advice posted by Google https://support.google.com/accounts/answer/61416?hl=en. Please note, disabling Cookies may impair your experience of the Service.
For more information on the Cookie Law in the UK, we recommend visiting the Information Commissioner’s Office (ICO) website: https://www.cookielaw.org/ where you can find the latest information, guidelines and advice on the Cookie Law.
If you share our content through social media, for example by liking us on Facebook, following or tweeting about us on Twitter, or giving us a ‘+1’ via Google Plus, those social networks will record that you have done so and may set a Cookie for this purpose.
In some cases, where a page includes content from a social network, such as a Twitter feed, or Facebook comments box, those services may set a Cookie even where you do not click a button. As is the case for all Cookies, we cannot access those set by social networks, just as those social networks cannot access Cookies we set ourselves.
We collect information that your browser sends whenever you visit the Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of the Service that you visit, the time and date of your visit, the time spent on those pages and other statistics. The data collected does not include personally identifiable information and is used, as described above, for statistical analysis, to understand user behaviour, and to administer the site.
The Service uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). The information generated by the Cookie about your use of the Service (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the Service, compiling reports on activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
We may employ third party companies and individuals to facilitate the Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how the Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Children’s Online Privacy Protection Act Compliance
The Service is not intended for audiences under 16 years of age. It is the sole responsibility of parents and guardians to monitor their children’s use of the Service.
The security of your Personal Data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure.
We have put in place various security procedures as set out in this policy. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to user information. We use SSL to encrypt data input before it is submitted, and our database is hosted in a secure data centre.
While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
If the Service is breached, we will notify all affected users within 72 hours of becoming aware of the breach, where feasible. A breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data. A breach can include:
- Access by an unauthorised third party
- Deliberate or accidental action (or inaction) by a controller or processor
- Sending Personal Data to an incorrect recipient
- Computing devices containing personal data being lost or stolen
- Alteration of Personal Data without permission
- Loss of availability of Personal Data.
We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Victoria Art Gallery Limited
3 Victoria Street
If you are unhappy, you have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office, the data protection regulator in the UK, are below:
Information Commissioner’s Office
0303 123 1113