Home » Privacy Policy

Privacy Policy

Who we are

Tees Valley Arts is a Company Limited by Guarantee, Registration No.: 1656560, and a Registered Charity, Registration No.: 515369, both of which are registered in England and Wales.

Our Registered Address is Royal Middlehaven House, 21 Gosford Street, Middlesbrough, North Yorkshire, TS2 1BB.

Our website address is https://www.teesvalleyarts.org.uk.

What personal data we collect and why we collect it

We gather and use certain information about individuals who use this website, in order to: provide products and services; to enable certain website functions; to better understand how visitors use this website; and, to present timely and relevant information to visitors. This may include the following information:

Comments

The comments service on our website is provided by Disqus (Disqus Inc) with whom you have to register separately and as Data Controller for the comments service. Their privacy policy can be read here and their EU Privacy Shield registration here.

Contact forms

If you submit an enquiry to our website using our contact form you are required to give us explicit consent prior to submitting that enquiry. This may include the following information:

  • Your name
  • Your contact information including email address
  • Other written information related to your enquiry that you provide
  • Information about how you heard about us

Cookies

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

This website uses Google Analytics (Google LLC), a service which transmits website traffic data to Google servers in the United States under the terms of the EU Privacy Shield. Google does not identify individual users or associates your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage. To opt out of Google Analytics you can install the Google Analytics Opt-out Browser Plugin.

Who we share your data with

We will not share your personal information with or sell it to any other third-party unless we have your permission or the law requires us to. We do, however, use the following third-party service providers named below to process and where applicable and subject to the proper legal protections store your data:

Automattic

This website uses the opensource WordPress platform created by Automattic Inc and uses plugins designed by them, such as Jetpack. Their plugins place cookies on your computer on our behalf. The purpose and use of these cookies are described by Automattic in their Cookie Policy. You can also refer to their Privacy Policy and their EU Privacy Shield registration.

MailChimp

We use the MailChimp service provided by The Rocket Science Group, LLC to manage our opt-in email marketing subscriber lists and send emails to our subscribers. You can also refer to their Privacy Policy and their EU Privacy Shield Registration.

WordFence

Our website is protected by a firewall call wordfence provided by Defiant Inc. We have entered into a specific data processing agreement with Defiant Inc, as part of our GDPR compliance and you can read more about the cookies they use on our behalf here and their privacy policy here.

WPForms

If you submit an enquiry to our website using our contact forms then you are required to give us explicit consent prior to submitting that enquiry. Our contact form service is provided by WPForms (WPForms, LLC) who process your data on our behalf.

How long we retain your data

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Our Google Analytics profile stores user and event data that is associated with cookies, user identifiers, or advertiser identifiers for 26 months (as recommended by Google), after which it is automatically anonymised.

What rights you have over your data

If you have an account on this site you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

We store data in the following locations, in order of preference: UK, EU or the United States with partners who are certified members of and/or working towards certification of the EU Privacy Shield.

Your contact information

For more information please email privacy@teesvalleyarts.org.uk.

Additional information

Data Protection Policy

You can read Tees Valley Arts Data Protection Policy here.

How we protect your data

Full details of how Tees Valley Arts protects your data are detailed in our Data Protection Policy, which can be read here. In accordance with best practice our website uses SSL encryption provided by letsencrypt.org and uses a Firewall provided by WordFence.

What data breach procedures we have in place

If a data breach occurs then we will report it within 72 hours to the Office of the Information Commissioner, as required by law.