PRIVACY POLICY & PROCEDURES

How your personal information may be used by Seacourt Print Workshop

Your information will be held by Seacourt Print Workshop Ltd, a company registered in Northern Ireland with Company Number NI24162 and accepted as a charity by the Charity Commission for Northern Ireland, NIC10578.
Our registered office is at Unit 20, 8 Balloo Drive, Bangor BT19 7QY.

Our Director is Emma Drury.

You can contact us by telephone at 028 9146 0595 or by email at info@seacourt-ni.org.uk.
More information about Seacourt Print Workshop - The Centre for Contemporary Printmaking - can be found at www.seacourt-ni.org.uk.

How we use your personal information

This privacy notice is to let you know how Seacourt will look after your personal information. This includes what you tell us about yourself and the choices you give us about what communication you permit us to send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.

Our Privacy Promises are simple. We promise to keep your data safe and private. We will not sell your data. We will only share your data with your consent or where we are required to do so for legal purposes. We will make sure you have given us clear consent about how we are to communicate with you and we will make it clear how you can review and change that consent.

How the law protects you

As well as our Privacy Promises, your privacy is protected by law. This section explains how that works. Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. The law says we must have one or more of these reasons:

  • To fulfil a contract we have with you, or

  • When it is our legal duty, or

  • When it is in our legitimate interest, or when you consent to it.

    A legitimate interest is when we have a valid business reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.

Where we collect personal information from

  • We collect personal information from you when you:

  • apply to become a member, attend any of our courses or ask to be included on our mailing list

  • talk to us on the phone or when you visit us

  • use our website or other social media to contact us

  • send us emails or letters

  • complete user surveys

  • apply to take part in or exhibitions, outreach or other projects

  • tell us about your medical needs

  • make payments or complete other transactions

  • are employed or work as a facilitator for us

  • are delivering a service agreement for us

  • complete an accident report form

Who we may share your personal information with

  • We may have to share your personal information with these organisations:

  • Government agencies

  • Your payroll/pension service provider

  • Companies House if you are a Director

  • HM Revenue & Customs concerning your salary, tax, national insurance contributions or Gift Aid donations you make

  • Organisations we work closely with, for example, the Arts Council NI

  • If you use direct debits, we will share your data with the Direct Debit scheme

  • Organisations you ask us to share your data with, for example, to provide a reference

What personal information we request and store and why we need it

The information requested and stored depends on what your relationship is with Seacourt.

If you are employed to work in any capacity or have a service agreement with us we will require this information:

Your full name, postal address, email address, home and/or mobile telephone number(s), your relationship with Seacourt, your remuneration and how we pay you, your banking details if we pay you using BACS, your National Insurance number, your tax code, your personal pension arrangements, your date of birth, your next of kin’s name and contact details and, if applicable, your Safeguarding status. We need this information to fulfil our contractual obligations and for legal purposes

When you join us as a member, visiting artist or intern we will require this information:

Your name, postal address, email address, home and/or mobile telephone number(s), membership or other category of relationship with Seacourt, how you pay us for using our facilities, your next of kin’s name and contact details. We need this information to fulfil our contractual obligations

When you visit us as a visitor or guest or friend of Seacourt we will ask for your consent to collect and store this information:

Your name, postal address and email address. We will only keep this information when you consent to it.

When you are a member and/or course participant or other facility user with special medical needs we will require:

Your name, postal address, email address, home and/or mobile telephone number(s), membership or other category of relationship with Seacourt, how you pay us for using our facilities, your next of kin’s name and contact details. Any medical information we need to ensure your needs are appropriately met. We need this information to fulfill our contractual and legal obligations.

How long will we keep your personal information for?

How long we store your personal information depends on your association with Seacourt. In general terms if you are our employee or work with us as a facilitator or provide a service agreement your data will be held for the duration of your engagement with us and up to a further six years following the actual leaving date. Please note after this period of time, or sooner if we have agreed to delete your data, we will be unable to provide any information concerning your employment, for example, to respond to a reference request. (Please refer our Retention of Records document at the end of this policy.)

If you are a member we will store your data for the duration of your membership and will delete it within three months of you terminating your membership with us unless you permit us to retain your contact details.

If you are a Seacourt associate, visitor or friend we will ask for your consent to store your name and contact preference(s) until you request us to delete your data. We will remind you each time we send you an email of your right to have your data deleted.

How can you be sure the personal information we hold about you is accurate?

You can ask us for a copy of the personal information we hold about you and we will provide it for you without undue delay and within 30 days of your request being received. We can only do this to you personally, to your home address or to your email address. If you subsequently wish any/all of your information to be corrected please contact us via info@seacourt-ni.org.uk and we will update our records accordingly.

How can you get your personal data deleted from our records

You can withdraw your consent for us to hold your personal information at any time. We will inform you if we must retain some or all of your personal data and the reason why we are required to. To withdraw consent you can write or send an email to us at info@seacourt-ni.org.uk. Please make sure you include the words “Amend/Remove my personal data” in the subject line.

How we keep your personal information safe

We will keep your personal information safe in the following ways:

  • Documents which include personal information will be stored in locked filing cabinet(s) in the office and will be accessible only to people who need to access the documents for legal or business purposes. This may include Seacourt’s Director, Administrative Assistant or Board Directors.

  • Documents relating to Safeguarding matters will only be accessible to the Safeguarding Designated Officer(s) and appropriate authorities.

  • Documents relating to special needs will be accessible to the Director, Administrative Assistant and lead facilitator on a need to know basis.

  • Documents relating to employment, service delivery agreements, complaints and other policies will be available to the Board of Directors. Personal contact data will be available to the Director, Administrative Assistant and the Board of Directors as required.

Personal information held on Seacourt’s administrative computer systems, including back up hard drives is stored in password protected folders. Our administrative computer hardware is kept secure in the office. Our administrative computer systems are password protected and only used by authorised persons for appropriate purposes. Our systems are protected from online threats by up to date internet security programmes. We will do our utmost to ensure we take appropriate precautions to minimise the risk of serious data breaches.

Links to other websites

Seacourt’s website and other social media applications may contain links to other websites. One example is from our ‘Members’ page where some artists have provided links to their websites. Please be aware if you use such a link to leave our site we do not have any control over that website or how it may data.

At Seacourt Print Workshop we take your privacy seriously and will only use your personal information to contact you to supply you with information, or request information from you, when you have given us permission to do so.

Consent forms

You will be asked to complete a personal information form if you become a member, visiting artist, service user or provider, employee etc.

You will be asked for your consent to receive communications from us and to tell us the form of communication you consent to.

If you have any questions about our Privacy Policy or any other aspect of our data handling procedures please contact us by telephone or by email. The contact details are included at the start of this policy.

Last updated 19 July 2018.

Please check this statement periodically as it may be amended to ensure compliance with the GDPR and other data protection requirements and advice

RETENTION OF RECORDS SCHEDULE

This Schedule should be read in conjunction with Seacourt’s Privacy Policy.  It sets out the time periods that other types of records, in whatever form held, will be retained for business and legal purposes. 

Personnel Records                              The retention period

Rejected job applicant details             6 months following the date notified of rejection

Contact details                                   

Application letters or forms

CVs

References

Certificate of conduct

Interview notes

Assessments

 

Applications of appointed applicants  6 years after employment ceases

Including:

Letters and forms

Copies of academic or training certs

References

Correspondence about employment

CVs

Interview notes

Evaluation forms assessments

Criminal records information/forms    1 year after assessment was last used

Criminal record assessments for particular post

Disclosure and Barring                        

DBS Certificates                                            

AccessNI data                                      for the duration of employment or involvement with                                                                                         Seacourt or longer if required

Employment contracts, including:      6 years after employment ceases

Personnel and training records          (also applies to temp workers/facilitators)

Written particulars of employment

Conditions of Service and any changes

to terms and conditions

Directors’ documentation                    6 years after leaving the Board         

Conflict of interest documents

Declarations etc

 

Identification documents relating        2 years from date of termination of employment

to foreign nationals (including

Right to work documents)

 

Employee performance                        6 years after employment ceases

Conduct records including:

Probationary period review

Review and assessment records

Appraisals and evaluations

Promotion/demotion Records

Records relating to Working Time Directives

 

Redundancy Records                         6 years after the end of the relevant tax year

Annual leave Records

Parental Leave Records

Sickness Records

Return to Work Records

Payroll & Salary Records                  

Including:

Records for the purpose of tax

Returns, wage and salary details

Overtime, bonuses, expenses

PAYE Records including:                   3 Years after the end of the relevant financial year

Wage sheets

Deductions working sheet

Calculations of PAYE income

of employees and relevant

Payments

Income tax and NI returns                 

Income tax records

Correspondence with HMRC

Employee income tax and                 

National Insurance and assoc

HMRC correspondence

Statutory sick pay records                 

 

Wage and salary records                    6 years after the end of the relevant tax year

Includes overtime, bonus,

Expenses

HEALTH & SAFETY RECORDS

Records of reportable injuries            3 years from the date of entry

Diseases or dangerous occurrences

Including injuries arising out of accidents

at work

 

revised 18.07.2018