Privacy Policy
I take your privacy very seriously. My privacy policy below explains what information I collect and how I use it and protect it. I hate spam as much as you do and will never sell, distribute or make public your personal information.
Newsletter
If you choose to subscribe to my email newsletter, the email address that you submit to me will be forwarded to MailChimp, which provides me with email marketing services. I consider MailChimp to be a third party data processor (see below). The email address that you submit will not be stored within this website’s own database.
Your email address will remain within MailChimp’s database for as long as I continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that I send you or by requesting removal via email. When requesting removal via email, please send your email to me using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive regular (usually bi-monthly) newsletter-style emails from me, detailing dates of upcoming courses and any art events that I am involved in. Your details will not be shared with any other parties.
Website
Like most websites, my site uses Google Analytics (GA) to track user interaction. I use this data to determine the number of people using my site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to me. GA also records your computer’s IP address, which could be used to personally identify you, but Google does not grant me access to this. I consider Google to be a third party data processor (see below).
GA makes use of cookies, which are short text files stored on a user’s device (such as a computer, tablet or phone) by a website. Cookies are used for the technical functioning of a website or for gathering statistics. They are also typically used to provide a more personalised experience for a user – for example, when an online service remembers your user profile without you having to login.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
Blog
If you choose to subscribe to my blog by email, the email address that you submit will be held by WordPress, which hosts the blog. I consider WordPress to be a third party data processor (see below). The email address that you submit will not be stored within this website’s own database.
Your email address will remain within WordPress’s database for as long as I continue to use WordPress to host my blog or until you specifically request removal from the list. To unfollow the blog, visit your Subscription Management page and click the Unfollow link next to the blog title. Changes to these settings will be immediate. You can also request removal via email: when doing this, please send your email to me using the email account that is subscribed to the blog.
Online shop
If you book for a course or buy something from my website or online Big Cartel shop, your personal information, including credit or debit card details, will be held by Big Cartel/Stripe or PayPal, depending on how you pay. I consider Big Cartel, Stripe and PayPal to be third party data processors (see below). The information that you submit will not be stored within my website’s own database or in any of my internal computer systems.
Big Cartel and PayPal process payments for any products/services purchased through my online shop. Neither myself, Big Cartel/Stripe nor PayPal retain any financial information you may submit as part of the purchasing process. Big Cartel/Stripe and PayPal monitor every transaction, 24/7, to prevent fraud, email phishing and identity theft. Every transaction is heavily guarded behind advanced encryption. If something appears suspicious, their dedicated teams of security specialists will identify suspicious activity and help protect you from fraudulent transactions.
Your data as mentioned above is encrypted before transmission to prevent misuse of the transmitted data by third parties. SSL (Secure Socket Layer) is a security technology which guarantees that your personal data, including credit card information, login data and payment method, are securely transferred via the Internet. The data is encrypted so that it is only readable by the Big Cartel/Stripe and PayPal payment systems.
Your data, which is encrypted, is as follows:
* personal data (address data, telephone number, etc.)
* login data (username and password)
* all methods of payment selected, credit card and bank account.
Third party processors
I use the following third parties to process personal data on my behalf. These third parties are based in the United States and are committed to complying with the EU General Data Protection Regulation 2018 (GDPR) when it comes into force on 25 May 2018. They are already EU-U.S Privacy Shield compliant.
* Big Cartel (privacy policy)
* Stripe (privacy policy)
* Google (privacy policy)
* Mailchimp (privacy policy)
* PayPal (privacy policy)
* WordPress (privacy policy)
Accuracy and retention of data
I do my best to keep your data accurate and up to date, assuming you provide me with the information I need to do so. If your data changes (for example, if you have a new email address), then you are responsible for notifying me of those changes.
Upon request, I will provide you with information about whether I hold, or process on behalf of a third party, any of your personal information. I will retain your information for as long as your account is active or as long as needed to provide you with our services. Unless it is prohibited by law, I will remove any personal information about you from my records at your request.
Data breaches
I will report any unlawful data breach of this website’s database or the database(s) of any of my third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Changes to our privacy policy
This privacy policy may change from time to time in line with legislation or industry developments. I will not explicitly inform my clients or website users of these changes. Instead, I recommend that you check this page occasionally for any policy changes.