Privacy Policy
PURPOSE OF THIS NOTICE
Rising Arts Agency (”we”, “us”, “our”) are committed to protecting your personal information and being transparent about what information we hold about you.
Rising offers a range of services, transactions and communications which requires the processing of your personal data.
Using personal information allows us to provide you with relevant and timely information about the work that we do and to develop a better understanding of our community.
The purpose of this notice is to give you a clear explanation about how we collect and process your information.
We use your information in accordance with all applicable laws concerning the protection of personal information. This notice explains:
What information we may collect about you;
How and why we may use that information;
In what situations we may disclose your details to third parties;
Our use of cookies to improve your use of our websites;
Information about how we keep your personal information secure, how long we maintain it and your rights to be able to access it
If you have any queries about this notice, please contact the Data Protection Officer at euella@rising.org.uk.
When do we collect information from you?
Generally, we collect your information when you decide to interact with us. This could include booking a space on an event, over the phone or in person or it could be when you sign up to receive emails from us. We also look at how our audience use our website, so that we can offer the best possible experience whether you’re trying to join one of our programmes, initiate a partnership, or just find out more about us.
We collect information when you:
subscribe to any of our mailing lists;
contact us about joining our creative community; or commissioning Rising to do some work with you
purchase any of our products on our website or in person;
book tickets through Eventbrite for one of our events;
meet to discuss potential support you may give to us, or make a donation online or by phone;
use or view our website via your browser’s cookies;
respond to a survey hosted on a platform such as Typeform;
attend a meeting, training session, event or workshop
What information do we collect about you?
The personal data we collect about you varies depending on the service you request from us.
When you book a space on an event or make a purchase we may collect:
Name
Email address
Address
Postcode
Contact phone numbers
Age / date of birth
Payment card details. (Please note, we will not hold payment information for any longer than it takes to process your transaction. All debit and credit card information is processed securely, and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS))
Access requirements
Purchase history
Organisation
Names of other attendees
When you get in touch to join our community we may collect:
Name
Email address
Contact phone number
Information obtained through cookies*, when you use our website, or engage with our emails:
IP address
Web browser type and version
Type of device
Operating system
Web address you arrived at our site from
Length of visit
*for more information please refer to the Cookies section in this privacy notice.
Other information we collect:
Correspondence
If you correspond with us generally, for example to ask us a question, enquire about joining our community, or begin a conversation about a potential partnership, we will also collect any other information you choose to send to us in that correspondence.
Telephone number
When you book a space on any of our events or join our community we will collect your telephone number so that we can contact you in case of changes to the event or last-minute information you need for any work you are involved with.
Age/date of birth
As an agency with a specific offer to 18-30 year-olds we request this information if you enquire about joining our community to check whether we are able to offer you support. We will then store this information, where relevant.
Access requirements
Rising is committed to making everyone’s experience as accessible as possible. We securely collect and store these on our community database so that we can ensure we meet any requirements you may have in relation to access.
Payment details
When you make a purchase from us or book a paid ticket for an event we will collect payment information from you such as credit or debit card details or bank information for the purposes of taking payment. All debit and credit card information is processed securely, and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS)
Allergy & dietary information
If you are attending an event where there is food provided, we may also collect allergy and dietary information about you and any guests you are bringing. This information will only be used for the purposes of catering the event.
Demographic information or specific interests
As an agency mobilising for social change, a number of our programmes are tailored to participants with specific lived experiences, such as being marginalised as a result of race, sexuality, class, or gender identity. So that we can best match community members to relevant work, we may collect any demographic information you are happy to disclose. Any information will be stored securely and subject to the usual data rights. We may also collect information about your medium, practice, or interests for similar matching.
Your content on our website
When you submit work for display on our website, we will collect and store your name, image, and the content itself—whether that’s a blog post, a single piece, or a full portfolio. You have the option of having your content posted anonymously. If it is, it will be published under a blank account or by a member of the Rising team.
WHY WE COLLECT YOUR PERSONAL INFORMATION AND WHAT WE DO WITH IT
We use information in a number of ways, the main ways being:
because it is necessary to deliver the services you have requested from us and to fulfil our obligations to you in providing these services
to inform you by email or other means of similar events, programmes or services run by us which we think may interest you; or
For evaluation, sometimes it’s necessary so that we can see what we are doing well and what we could be doing better
Specifically we use your information in the following ways:
To carry out our administrative work and to provide a service or carry out a contract with you:
to fulfil event booking or purchase requests (including confirmation of your booking/purchase) [ticketing processed by Eventbrite on our behalf];
process payments (note: we do not store any Credit Card or other payment information once the transaction has been completed);
provide the best possible support and to help us with our internal administration;
contact you with important information relating to your event booking, such as confirming your order, reminding you of an upcoming event you’ve booked for or letting you know about updates to event details
Where we have your consent:
send you updates via email about what’s on, news or about supporting us;
email you directly or from a mailing list about a specific area you’ve requested to hear more about such as an upcoming programme or area of research;
email, message, text or call you directly as a member of our community about opportunities or news;
share your details with other arts organisations whose work you may have seen or participated in through Rising. This will be limited to name, email address and booking details for the event linked with the partner organisation. You will always be able to opt out of their communications by contacting them directly.
Where we have justifiable reason (including legal obligation and legitimate interest):
send you occasional mail informing you of important news;
measure and understand how our audiences respond to a variety of marketing activity so we can ensure our activity is well targeted, relevant and effective;
to contact you to ask you to participate in community research. You are under no obligation to participate in research and, should you provide any further information, we will inform you how any further information will be used. All information gathered for research purposes is anonymised and aggregated for analysis;
analyse and continually improve the services we offer including our programme and our website;
to inform you of any changes related to your booking and/or purchase schedule;
to analyse the way in which our website is used and the content and links that you interact with, in order to improve our website services;
to analyse the way in which our emails to you are received by you, and the content and links that you interact with, in order to improve our communications with you
to help diagnose and manage the website, to audit the geographical make-up of users, and to establish how you have arrived at the website (this is through your public IP address which is a unique number which allows a computer, group of computers or other internet connected device to browse the internet. The log file records the time and date of your visit, the pages that were requested, the referring website (if provided) and your internet browser version)
Who do we share your information with?
We will never sell your information.
We don’t share the information that is provided to us except:
with third party service providers, such as hosting providers or an email service provider, who provide services to us so that we are able to fulfil our obligations to you or, where we are able to send you marketing information, to do so;
if you have donated money to us and have notified us that you are registered for gift aid, we will share your information with HMRC and the Charity Commission in order to process this;
if we have a legal obligation to disclose your information (for example, if a court orders us to);
if another company takes over our company, or if we go insolvent, or if we merge with another company, in which case the company that receives your information will protect the information in the same way we do. If we transfer our obligations under our terms of use to another company, this may mean that we need to transfer your personal data to that company. We will contact you to let you know if we plan to do this. If you are unhappy with the transfer you may contact us to end your contract with us within 30 days and if you do so, we will not transfer your data to that company;
if we run an event in partnership with another named organisation we will also share information with that partner to enable it to report to funders and inform audience development strategy. Any data shared for these purposes will be in an anonymised and aggregated form
How do we protect your data and how long do we keep it for?
All your information is kept on secure servers, is subject to strict security processes and only shared with staff members who have been trained and need to see it. We ensure that high standards of security and protection are met by abiding by our Data Protection Policy and Procedure.
Note: Rising may transfer your data to USA based organisations such as Mailchimp (which we use to manage our email communications). The USA has weaker data protection laws than that of the EEA (European Economic Area) and we will ensure that we only use organisations who are a part of the EU privacy shield initiative to handle your personal information, therefore ensuring your data rights are maintained. More details on this certification can be found at www.privacyshield.gov/welcome.
Rising will keep your profile and/or work on the website as long as is appropriate (unless you ask us to remove it). We’ll also keep your information on our internal records for as long as your content is hosted on our website.
We will only ever retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you ask us to stop sending direct marketing communications to you, we will keep the minimum amount of information (e.g. name, address or email address) to ensure we adhere with such requests.
For more information about types of data and length of retention, please see Appendix F: Retention Time of Records Containing Personal Data in the Data Protection Policy.
Data control
Rising Arts Agency is the data controller for all data we collect and store.
We collect personal information through a number of different ways when you choose to interact with us, all of which are subject to strict data security processes to ensure your personal information is kept safe at all times.
In addition we use the following data processors to enable us to collect, process and securely store the data we obtain:
We use Eventbrite to process all ticket bookings and event sign-ups
We use Mailchimp to manage our email communications
We use Raisely to manage our supporters, incl. regular givers
We use Typeform for job applications, surveys and polls
Any data processed on behalf of Rising is processed only to the extent required by them to perform the services that Rising requests. Any use for other purposes is strictly prohibited within a data sharing agreement between us and the provider. Furthermore, any data that is processed by third parties must be processed within the terms of this notice and in accordance with the United Kingdom Data Protection Act 2018 and General Data Protection Regulation 2018.
YOUR DATA, YOUR RIGHTS
You should find it easy to access and amend the personal information that we hold on you, or request that we stop contacting you. It’s your data and we want to make sure you feel in control of it.
Every email we send to you through MailChimp will include details on how to change your communications preferences or unsubscribe from future communications.
If you prefer, you can contact us by phoning, emailing, or writing using our contact details below.
You have a number of rights regarding your personal data. These include the right to:
know about and view the information we hold about you;
get your data deleted;
if you want us to delete the information we hold on you (including any information hosted on our website or any social media channels) just get in contact and we’ll remove all your information from the website, our social media channels and as much as we can from our systems (we will need to keep a minimal record that you requested your data to be deleted).
raise a concern;
get your information corrected;
withdraw your consent for us to process your information;
lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk)
You have the right to request details of what information we hold about you. We will take steps to verify your identity before responding to your request and will then respond as soon as possible but no later than within a month. Please send a description of the information you would like to see, together with proof of your identity to euella@rising.org.uk.
You have the right to get information held about you by us corrected. If you have any concerns about the accuracy of your personal data, please let us know using the contact details below.
At the end of your relationship with us you can ask us to delete your personal data and we will do so as far as we are reasonably able and subject to our legal requirements to retain such data. You can also request that we provide you with written confirmation of the deletion of your personal data, which we will provide if we have deleted that data and can provide evidence of this.
If you would like to exercise any of your rights outlined in this notice or have any concerns or questions about the way in which Rising handles your personal data, please contact us:
For more information about your data rights in general, visit ICO Your Data Matters (https://ico.org.uk/your-data-matters), and for tips on how to keep your data safe online visit BBC Own It (https://www.bbc.com/ownit). You can also see page 1 of our Data Protection Policy.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Cookies: what are they and how do we use them?
On websites, a cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to the needs of service users. We only use this information for statistical analysis purposes.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
You can learn more about all the cookies we use below.
Granting us permission to use cookies
If the settings on your software that you are using to view this website (your browser) are adjusted to accept cookies, we take this, and your continued use of our website, as consent to the use of cookies. Should you wish to remove or restrict cookies on our site, you can learn how to do so below.
What cookies do we use?
Traffic Log/Anonymous Visitor Statistics Cookies
We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows—which helps to identify when our site isn't working as it should for particular technologies), how long they spend on the site, what page they look at etc. This helps us to continuously improve our website. These so-called “analytics” programs also tell us how, on an anonymous basis, people reached this site (e.g. from a search engine) and whether they have been here before—helping us to direct our engagement efforts in a relevant way.
We use Google Analytics (http://analytics.google.com) to deliver this information.
Details about cookies set by Google Analytics below:
Cookie Name
_ga
_gid
_gat
AMP_TOKEN
_gac_
_ _cfduid
cookieconsent_status
Default Expiration Time
2 years
24 hours
1 minute
30 seconds to 1 year
90 days
1 year
1 year
Description
Used to distinguish users.
Used to distinguish users.
Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_.
Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.
Contains campaign related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out. Learn more.
The _cfduid cookie helps Cloudflare detect malicious visitors to the website and minimizes blocking legitimate users. It may be placed on the devices of our customers' End Users to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare's security features.
This cookie is to log that the user has acknowledged the privacy notice/cookie banner and prevents it from reappearing.
Third party cookies
On our site we may embed content from third parties such as YouTube, Facebook and Twitter. These sites may deliver their own cookies. We do not have any control over these third party cookies and you should visit their websites to find out more about their use of cookies.
How do I prevent cookies?
Your web browser should allow you to restrict or delete cookies set by our site. Alternatively, you can visit www.allaboutcookies.org which provides general information about cookies and how you can manage cookies on your computer.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
CONTACT DETAILS
Nominated Data Protection Lead
Name: Euella Jackson, Co-Director
Email: euella@rising.org.uk
Board member/Senior lead for data protection
Name: Kamina Walton (Non-Executive Director)
Phone/email: kaminawalton@gmail.com
If you would like to exercise any of your rights outlined in this notice or have any concerns or questions about the way in which Rising handles your personal data, please contact us:
euella@rising.org.uk
Tel: 07517 437481
How to contact the appropriate authorities
You have the right to lodge a complaint with the supervisory authority, The Information Commissioner’s Office – www.ico.org.uk