Privacy Policy

Pure Creative Arts

Privacy Policy
Issue Date:
20th February 2018
Version Number: 1.01

This privacy policy covers users of our website. A separate policy covers volunteers, service users, staff, and trustees.

At Pure Creative Arts we regard your privacy as important.

The information we collect about you, if you agree to provide it, will allow us to contact you and send information to you about products and/or services where you have registered an interest.

In providing us your information you thereby consent to us processing it for this purpose.

By visiting our website, and completing any of the consent processes (i.e. subscribing to a service and/or providing your contact information), you accept and consent to the practices defined in this privacy policy.

For the purposes of the General Data Protection Regulation (GDPR);

  • the data controller is Pure Creative Arts.

Information that we may collect from you

We may collect and/or process the following data about you:

  • Information you provide to us – by filling in forms on our websites www.purecreativearts.org or www.purecreativearts.co.uk or by entering into a contract with us, or by correspondence with us by email, letter, phone or other methods, which includes data provided by you by registering to use our website, or by subscribing for newsletters or other information services, or by joining our web forum, or by placing an order for products or services, and when reporting a problem with our site, or otherwise contacting us.
  • Personally Identifiable Information (PII) – the information you give us may include; your name, address, email address, IP address, phone number, together with financial and credit card information. All of which is PII and subject to the GDPR.
    • data protection – all PII data we hold is protected by us in accordance with the Principles (Article 5) of the GDPR. Access to this data is strictly controlled.
  • Information we collect about you – with regard to your use of our website information may be automatically collected and comprises the following:
    • technical information – such as your; internet protocol (IP) address, login information, time zone, browser type/version with plug-in types/versions, device information (operating system and platform);
    • information about your visit – such as your; Uniform Resource Locators (URL), including the date and time, products viewed/searched, site statistics, interaction (scrolling, clicks, mouse-overs), exit methods away from pages, phone numbers (if used to call us), route to/from our site or from details of adverts linking to our site, and search engine links to our site including search engine address and search term used.
  • Information we receive from other sources – information about you may be received by us if you use another website or service that we operate.
    • Third-parties may also provide information to us about you, specifically from any of the following; our business partners and/or sub-contractors or credit reference agencies for payment and delivery services, or advertising and marketing services, or our technical and analytics providers, or our search engine and search information providers.

How your information is used

The information we hold about you is used as follows:

  • Information that you provide to us – this information is used to meet our obligations within any contracts between you and us, and,
    • to meet your requests for information, and/or products and services, or
    • to notify you of changes to our products or services, or make suggestions/recommendations that may interest you, or
    • to improve the content of our site and ensure it is presented effectively for you and your device.
  • Information that we collect about you – we use this information:
    • to manage our website as well as for our efficient operations, which includes analysis, research, statistical and survey uses, together with testing and troubleshooting;
    • to improve our website and content for users and their devices;
    • to allow you to interact with our website and take advantage of our online services, whenever you may elect to do so;
    • to ensure our site is safe and secure by monitoring activities within the context of continual process improvement, which is a best practice requirement of the GDPR;
    • to monitor advertising and marketing effectiveness for users, and/or to fine-tune advertising by relevance to users;
    • to enable targeted suggestions/recommendations to users about products and services that may be of interest.
  • Information we receive from other sources – we may use third-party information, which may be combined with information you provided to us and/or information collected by us, which may be used for the purposes we have defined above.

Information we collect and receive may be disclosed to third parties in and out of the European Economic Area as (i) described in this policy, (ii) if you otherwise give your consent, or (iii) if the disclosure is legally required.

We use a number of third party data processors to process data on our behalf. These third parties may transfer your data outside of the country from which you are accessing this website including but not limited to the USA and, are EU-US Privacy Shield compliant as a minimum. These include:

  • Google – Website Analytics Provider
  • Goolge – Email Server Provider
  • Mailchimp – Email Marketing Provider
  • Hubspot – CRM Provider
  • Cloudways – Web Host
  • Z2 Systems (Neon) – Donation Processing and Donor Management
  • Google – Document Storage Solution
  • Dropbox – Document Storage Solution
  • Facebook – Marketing Service Provider
  • Google – Marketing Service Provider

We may disclose information collected we have a good-faith belief that a disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders; (ii) if we sell or transfer all or a portion of our organisation’s interests, assets, or both, or in connection with a  merger, consolidation, restructuring, or other change, or (iii) as otherwise disclosed in the terms and conditions of our agreements with customers, including our separately posted and applicable Terms of Use for the relevant Services.

We may disclose aggregated or anonymous information where reasonable steps have been taken to ensure the data does not contain your personally identifying information.

Know your rights

Under the GDPR all individuals, who are the owners of their personally identifiable information (PII), have specific and clear rights, which are;

Right to Erasure

Every individual has the right the right to be forgotten upon request.  The data controller must remove your PII data from its systems and request the same of any third-party systems of that controller.

Right to Access

Every individual has the right to access the PII data held about them upon request.

Right to Portability

Every individual has the right to request their PII data and use it for other parties they wish to engage with.

Right to be Informed

Every individual has the right to be informed about how their PII data is being used, which may be provided upon request of the individual, or before the controller changes any use of that data, giving the individual the right to consent or object.

Right to Objection

Every individual has the right to object to the use of their PII data for any purpose proposed by a controller.

Right to Rectification

Every individual has the right to have errors in their PII data to be corrected.

Right to Restrict

Every individual has the right to restrict the uses of their PII data for any specific type of processing.

Rights on automated decisions & profiling

Every individual has the right to restrict or object to automated decision-making processes or profiling based on their PII data.

  • Revoke your consent – in accordance with the GDPR, to the revoke consent for processing of your data send an email with the word “Revoke” in the subject field to [email protected].
  • Subject Access Request (SAR) – in accordance with the GDPR,
    • you may request us to send you details about any PII data that we may hold about you, or
    • you may request that we correct any errors, or
    • you may request us to delete any/all PII data about you.
  • SAR Fee – In accordance with the GDPR, any SAR is provided free of charge within 30 days, unless a particular SAR is subject to other regulatory requirements as defined within the GDPR, in which case we will inform you as required by those specific regulations.

Click the links here for further information about our Cookie Policy, and Website Use Policy

For any questions relating to your PII data, or to submit a SAR, please contact us:

In the US
Tamsin Evans
Pure Creative Arts
PO Box 107
Larchmont
NY 10538

[email protected]

In the UK
Tamsin Evans
Pure Creative Arts
108 Forster Street
Warrington
WA2 7AX

[email protected]