Leinster Printmaking Studio takes data privacy seriously. This Policy sets out how we, as a data controller, collect and process personal data about:
Visitors to our website
Individuals who we communicate or interact with in the course of our business
Individuals whose personal data is provided to us in connection with the sale of a product or the provision of our services
Information that we collect
There are instances where we invite or request individuals to provide us with their personal data, including through our website via a contact form or purchase form, in the course of our business and in connection with the sale of a product or provision of our services. In addition, individuals may volunteer their personal data to us by various means of communication, including by telephone or email.
We may also receive personal data indirectly. Categories of such personal data include names, addresses, e-mail addresses, telephone numbers and other information that is relevant to the sale of a product or provision of our services.
Use of Personal Data
The purposes for which we use personal data and the legal basis for why that processing is necessary or permitted are:
Communicating with you in the course of our business
Providing our services and managing our business
Maintaining and operating our website
Providing customers and business contacts with information about exhibitions, education courses or other events directly associated with the Studio or Gallery
Marketing to non-customers or non-business contacts
Processing your order, payment information and delivering a product
For the prevention and detection of fraud and other crimes or for the purpose of responding to a binding request form a public authority or court
Transferring information to third parties, including our service providers
Disclosure of your Personal Data
We may disclose your personal data to:
A third party who provides a service to us, including our Internet Service Provider who records data on our behalf; our marketing platform MailChimp, and third-party payment processors
A third party where we are under a duty to disclose or share your personal data to comply with any legal obligation
A third party where necessary for our legitimate interests to protect our rights, property and safety of our customers or others
A prospective seller or buyer of our business or assets
To the limited extent it is necessary to transfer your personal data to a third party located outside of the EEA (including our marketing platform Mailchimp, who is located in the US, and EU-US Privacy Shield certified), we will ensure appropriate safeguards are in place to protect the privacy and integrity of your personal data. Please contact us if you wish to obtain information concerning safeguards in place with.
You have the right to request access to, rectification or erasure of your personal data, or restriction of processing or object to processing of your personal data, as well as the right to data portability. In each case, these rights are subject to restrictions as laid down by law. The following is a summary of your rights:
The right of access enables you to receive a copy of your personal data
The right to rectification enables you to correct any inaccurate or incomplete personal data we hold about you
The right to erasure enables you to ask us to delete your personal data in certain circumstances
The right to restrict processing enables you to ask us to halt the processing of your personal data in certain circumstances
The right to object enables you to object to us processing your personal data on the basis of our legitimate interests (or those of a third party).
The right to data portability enables you to request us to transmit personal data that you have provided to us, to a third party without hindrance, or to give you a copy of it so that you can transmit it to a third party, where technically feasible.
You have the right to lodge a complaint with the Data Protection Commission, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you consider that the processing of your personal data infringes the GDPR.
If you wish to exercise any of these rights, please contact us (see Contact Us ). We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request. We may request proof of identification to verify your request. We have the right to refuse your request where there is a basis to do so in law, or if it is manifestly unfounded or excessive, or to the extent necessary for important objectives of public interest.
Storage of your personal data
We will store your personal data only for as long as necessary for the purposes of providing our services to you, processing your orders, delivering a requested product or service, as required by law, and for the exercise or defence of legal claims.
Customers purchasing through our website will also be given an option to subscribe to our database. If, at any stage, you no longer wish to receive this information, please use the unsubscribe link attached to the mail or contact us at firstname.lastname@example.org
The security of your data is important to us but please note that the transmission of information via the internet is not completely secure. We have implemented a variety of organisational and technical security measures to help protect your personal data from unauthorised access and use. As effective as these security measures are, no physical or electronic security system is entirely secure, and we cannot guarantee the complete security of our database, nor can we guarantee that information you supply to us over the internet will not be intercepted. We will continue to review the effectiveness of our security measures to ensure the protection of your personal data.
Contact Us: email@example.com
Last Updated: 24 September 2020