How your personal information may be used by Seacourt Print Workshop
Your information will be held by Seacourt Print Workshop Ltd, a company registered in Northern Ireland with Company Number NI24162 and accepted as a charity by the Charity Commission for Northern Ireland, NIC10578.
Our registered office is at Unit 20, 8 Balloo Drive, Bangor BT19 7QY.
Our Director is Emma Drury.
You can contact us by telephone at 028 9146 0595 or by email at firstname.lastname@example.org.
More information about Seacourt Print Workshop - The Centre for Contemporary Printmaking - can be found at www.seacourt-ni.org.uk.
How we use your personal information
This privacy notice is to let you know how Seacourt will look after your personal information. This includes what you tell us about yourself and the choices you give us about what communication you permit us to send you. This notice explains how we do this and tells you about your privacy rights and how the law protects you.
Our Privacy Promises are simple. We promise to keep your data safe and private. We will not sell your data. We will only share your data with your consent or where we are required to do so for legal purposes. We will make sure you have given us clear consent about how we are to communicate with you and we will make it clear how you can review and change that consent.
How the law protects you
As well as our Privacy Promises, your privacy is protected by law. This section explains how that works. Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. The law says we must have one or more of these reasons:
To fulfil a contract we have with you, or
When it is our legal duty, or
When it is in our legitimate interest, or when you consent to it.
A legitimate interest is when we have a valid business reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
Where we collect personal information from
We collect personal information from you when you:
apply to become a member, attend any of our courses or ask to be included on our mailing list
talk to us on the phone or when you visit us
use our website or other social media to contact us
send us emails or letters
complete user surveys
apply to take part in or exhibitions, outreach or other projects
tell us about your medical needs
make payments or complete other transactions
are employed or work as a facilitator for us
are delivering a service agreement for us
- complete an accident report form
Who we may share your personal information with
We may have to share your personal information with these organisations:
Your payroll/pension service provider
Companies House if you are a Director
HM Revenue & Customs concerning your salary, tax, national insurance contributions or Gift Aid donations you make
Organisations we work closely with, for example, the Arts Council NI
If you use direct debits, we will share your data with the Direct Debit scheme
- Organisations you ask us to share your data with, for example, to provide a reference
What personal information we request and store and why we need it
The information requested and stored depends on what your relationship is with Seacourt.
If you are employed to work in any capacity or have a service agreement with us we will require this information:
Your full name, postal address, email address, home and/or mobile telephone number(s), your relationship with Seacourt, your remuneration and how we pay you, your banking details if we pay you using BACS, your National Insurance number, your tax code, your personal pension arrangements, your date of birth, your next of kin’s name and contact details and, if applicable, your Safeguarding status. We need this information to fulfil our contractual obligations and for legal purposes
When you join us as a member, visiting artist or intern we will require this information:
Your name, postal address, email address, home and/or mobile telephone number(s), membership or other category of relationship with Seacourt, how you pay us for using our facilities, your next of kin’s name and contact details. We need this information to fulfil our contractual obligations
When you visit us as a visitor or guest or friend of Seacourt we will ask for your consent to collect and store this information:
Your name, postal address and email address. We will only keep this information when you consent to it.
When you are a member and/or course participant or other facility user with special medical needs we will require:
Your name, postal address, email address, home and/or mobile telephone number(s), membership or other category of relationship with Seacourt, how you pay us for using our facilities, your next of kin’s name and contact details. Any medical information we need to ensure your needs are appropriately met. We need this information to fulfill our contractual and legal obligations.
How long will we keep your personal information for?
How long we store your personal information depends on your association with Seacourt. In general terms if you are our employee or work with us as a facilitator or provide a service agreement your data will be held for the duration of your engagement with us and up to a further six years following the actual leaving date. Please note after this period of time, or sooner if we have agreed to delete your data, we will be unable to provide any information concerning your employment, for example, to respond to a reference request. (Please refer our Retention of Records document at the end of this policy.)
If you are a member we will store your data for the duration of your membership and will delete it within three months of you terminating your membership with us unless you permit us to retain your contact details.
If you are a Seacourt associate, visitor or friend we will ask for your consent to store your name and contact preference(s) until you request us to delete your data. We will remind you each time we send you an email of your right to have your data deleted.
How can you be sure the personal information we hold about you is accurate?
You can ask us for a copy of the personal information we hold about you and we will provide it for you without undue delay and within 30 days of your request being received. We can only do this to you personally, to your home address or to your email address. If you subsequently wish any/all of your information to be corrected please contact us via email@example.com and we will update our records accordingly.
How can you get your personal data deleted from our records
You can withdraw your consent for us to hold your personal information at any time. We will inform you if we must retain some or all of your personal data and the reason why we are required to. To withdraw consent you can write or send an email to us at firstname.lastname@example.org. Please make sure you include the words “Amend/Remove my personal data” in the subject line.
How we keep your personal information safe
We will keep your personal information safe in the following ways:
Documents which include personal information will be stored in locked filing cabinet(s) in the office and will be accessible only to people who need to access the documents for legal or business purposes. This may include Seacourt’s Director, Administrative Assistant or Board Directors.
Documents relating to Safeguarding matters will only be accessible to the Safeguarding Designated Officer(s) and appropriate authorities.
Documents relating to special needs will be accessible to the Director, Administrative Assistant and lead facilitator on a need to know basis.
- Documents relating to employment, service delivery agreements, complaints and other policies will be available to the Board of Directors. Personal contact data will be available to the Director, Administrative Assistant and the Board of Directors as required.
Personal information held on Seacourt’s administrative computer systems, including back up hard drives is stored in password protected folders. Our administrative computer hardware is kept secure in the office. Our administrative computer systems are password protected and only used by authorised persons for appropriate purposes. Our systems are protected from online threats by up to date internet security programmes. We will do our utmost to ensure we take appropriate precautions to minimise the risk of serious data breaches.
Links to other websites
Seacourt’s website and other social media applications may contain links to other websites. One example is from our ‘Members’ page where some artists have provided links to their websites. Please be aware if you use such a link to leave our site we do not have any control over that website or how it may data.
At Seacourt Print Workshop we take your privacy seriously and will only use your personal information to contact you to supply you with information, or request information from you, when you have given us permission to do so.
You will be asked to complete a personal information form if you become a member, visiting artist, service user or provider, employee etc.
You will be asked for your consent to receive communications from us and to tell us the form of communication you consent to.
Last updated 19 July 2018.
Please check this statement periodically as it may be amended to ensure compliance with the GDPR and other data protection requirements and advice
RETENTION OF RECORDS SCHEDULE
Personnel Records The retention period
Rejected job applicant details 6 months following the date notified of rejection
Application letters or forms
Certificate of conduct
Applications of appointed applicants 6 years after employment ceases
Letters and forms
Copies of academic or training certs
Correspondence about employment
Evaluation forms assessments
Criminal records information/forms 1 year after assessment was last used
Criminal record assessments for particular post
Disclosure and Barring
AccessNI data for the duration of employment or involvement with Seacourt or longer if required
Employment contracts, including: 6 years after employment ceases
Personnel and training records (also applies to temp workers/facilitators)
Written particulars of employment
Conditions of Service and any changes
to terms and conditions
Directors’ documentation 6 years after leaving the Board
Conflict of interest documents
Identification documents relating 2 years from date of termination of employment
to foreign nationals (including
Right to work documents)
Employee performance 6 years after employment ceases
Conduct records including:
Probationary period review
Review and assessment records
Appraisals and evaluations
Records relating to Working Time Directives
Redundancy Records 6 years after the end of the relevant tax year
Annual leave Records
Parental Leave Records
Return to Work Records
Payroll & Salary Records
Records for the purpose of tax
Returns, wage and salary details
Overtime, bonuses, expenses
PAYE Records including: 3 Years after the end of the relevant financial year
Deductions working sheet
Calculations of PAYE income
of employees and relevant
Income tax and NI returns
Income tax records
Correspondence with HMRC
Employee income tax and
National Insurance and assoc
Statutory sick pay records
Wage and salary records 6 years after the end of the relevant tax year
Includes overtime, bonus,
HEALTH & SAFETY RECORDS
Records of reportable injuries 3 years from the date of entry
Diseases or dangerous occurrences
Including injuries arising out of accidents