www.paulrileyart.com is committed to ensuring the privacy of all our customers. All information is collected and processed in accordance with the UK’s Data Protection Act 1998 and the new EU General Data Protection Regulation (GDPR). If there are any obvious omissions in our policy please let us know.
Who we are
www.paulrileyart.com is an established online art gallery in Devon offering Paul Riley’s paintings for sale.
Paul Riley Art
Coombe Farm Studios
tel: +44 (0)1803 722 266
Our website address is: https://paulrileyart.com.
What personal data we collect and why
As a business providing art work for sale most of the information we collect is to enable sales, answering enquiries, and to provide follow up marketing to those who have shown an interest in our service. This includes name, address, telephone No. and email address.
We collect this information at the time of sale or enquiry, either via our shopping cart system, over the telephone, in person, by email or even occasionally by letter.
Note that we do not store credit card details. Payment is made via the secure Paypal third party payment gateway.
At the time of sale or enquirey you will be asked to give consent to receive our occasional newsletters to enable customers to stay in touch with the latest news from Paul Riley Art, as well as events and special offers.
It is also possible to subscribe to our mailing list on our website.
You can unsubscribe from our mailing list at any time.
- No personal information is stored by our cookies on our site.
- Our cookie sessions expire after you leave our site.
- Our system logs automatically collects your IP address (most often supplied by your broadband supplier and usually swapped from time to time). If you are connected to the Internet you have one, for example it may look something like this 22.214.171.124. This information is stored in our logs and is rotated (deleted) after a few days.
Google Analytics are used by the vast majority of websites to collect information in an anonymous format that is useful to site owners, this may include the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google Analytics cookies can remain in your browser for a long time unless you change your browser settings to remove them after a given period or action, such as quitting the browser.
Who we share your data with
Your information will be available to select Paul Riley Art staff for administration purposes and to carry out marketing activities. Otherwise your information will be retained by us except where disclosure is required or permitted by law or when we use third party service providers to supply and support our services to you.
We use third-party service providers such as our web developers and online mailing list systems to help us provide services to you.
All of our third party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
How long we retain your data
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
For example, customers often wish to collect further works of art so it is useful to maintain them on our customer database. However, from time to time we do check how long since a customers last contact and anyone who has not been in contact a while will have their personal data removed.
Subscribers to our mailing list will be removed on request.
What rights you have over your data
You are entitled to request a copy of the personal data we hold about you. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Please make such requests by email to email@example.com. Please include your full name, detail about how you believe we recorded your data (for example you are made a purchase or joined our mailing list). If we do hold your personal data we will respond in writing within one calendar month of your request.
Please note that you may need to provide proof of ID before we will release personal data.
How we protect your data
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These includes:
Using high level secure hosting suppliers for our website, password protecting all local systems and encrypting all computer equipment and backups.
We have installed an SSL Secure certificate (HTTPS) for our entire website and encrypting data flow between the client browser and web server.
You can find our more about data protection at the Information Commissioner’s website. https://ico.org.uk/
Use of Personal Information
We will never send unsolicited ‘junk’ email or share your data with anyone else who might.
We will only send you information about our services if requested by you to do so.
We will not disclose information regarding our customers to third parties unless the client has first given their consent or if required to do so by law.
Information collected about the customer is used only for the provision of our services to the customer. This information is not used for any other purpose.
If you have any concerns about privacy matters please contact us at firstname.lastname@example.org.
Our system automatically collects your IP address. If you are connected to the Internet you have one, for example it may look something like this 126.96.36.199. This information is stored in our logs and may be referred to in case of any dispute.
The Data Protection Principles
Anyone processing personal data must comply with the eight enforceable principles of good practice. They say that data must be:
- used fairly and lawfully
- used for limited, specifically stated purposes
- used in a way that is adequate, relevant and not excessive
- kept for no longer than is absolutely necessary
- handled according to people’s data protection rights
- kept safe and secure
- not transferred outside the European Economic Area without adequate protection
Personal data covers both facts and opinions about the individual. It also includes information regarding the intentions of the data controller towards the individual, although in some limited circumstances exemptions will apply. With processing, the definition is far wider than before. For example, it incorporates the concepts of ‘obtaining’, holding’ and ‘disclosing’.
You can review the Data Protection Principles at www.gov.uk/data-protection
Cookies are very small text files that are stored on your computer when you visit some websites. You can remove any cookies stored on your computer in your Browser Preferences. You can also turn off cookies completely, but this may stop websites from functioning properly.
- Cookie we use include PHP Session ID (PHPSESSID) are used to keep track of your sessions on our website. This is useful for example, when users submit forms, buy online or open new windows or tabs. No personal information is stored in this cookie.
- No personal information is stored by our cookies on our site.
- Our cookie sessions expire after you leave our site however cookies might be stored by your browser dependent on your browser settings.
- This site uses Third Party Cookies such as from Google Analytics’s.
Third Party Cookies
The following cookies may be added by a third party and have the following purposes.
Google Cookies Tracks the pages you visits via Google Analytics. This tracking is anonymous and does not include personal information. Google Analytics is covered by the requirements of the EU Cookie Law. For further information on Google Analytics cookies, please visit www.google.com/analytics.