Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the Westcountry School of Myth.
- “You”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a user’s computer or device.
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in detail here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
Data security and protection
We are committed to protecting and respecting your privacy. For the purposes of data protection law, the data controller with conduct of your personal data is Westcountry School of Myth. Our methods meet the GDPR compliance requirement.
Transparent Privacy Explanations: We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Email subscription to newsletter
Our newsletter is operated under the GDPR guidelines and is self subscription. However, you will be added to the list once you sign up for a course in order that you can be sent information not in the public domain, regarding the location of the venue and other practical details.
We only collect certain data about you. This consists of your email address and your name. If you sign up to a course we will also request information regarding dietary preference and allergies so that we can cater for you.
Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software / applications that allows the sending out of email campaigns to a list of users. We use Mailchimp.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, IP addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign. This may help to ensure that we tailor our emails more specifically to your needs, requests and interests.
We do not use automated decision making about you based on your information.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe.
Further information you give us
This is information about you that you give us by filling in forms via links sent out by email, or by corresponding with us by e-mail or otherwise. It includes any information you provide and may include your name, address, e-mail address and phone number, and any bank details provided when payments are made and for the purpose of refunds. We do not accept credit card payments or store any bank details.
We use information you give us in the following ways:
2.1 To carry out our obligations arising from any contracts entered into between you and us. This includes providing you with the information required for you to attend the course you have signed up for.
2.2 To respond to your enquiries or follow up our own enquiries.
Grounds for processing your information
To maintain accurate records of potential course participants (via the Mailchimp newsletter) so that we may send out course details to interested parties, and, occasionally, to disseminate information of interest relating to the School of Myth and Dr Martin Shaw. For participants who sign up to a course, it is so that we might contact you with necessary information prior to the course, and to be able to meet any needs that you might have (for example, dietary requirements) as far as possible.
Duration and further processing
We only keep your information for so long as it is reasonably necessary. Your personal information is not shared with anyone except where we are required to do so to comply with the law, to protect our rights, or to efficiently operate our business. It is possible that outsourced IT providers may in certain circumstances require access to data held on our systems, for example when we need to troubleshoot a technical issue. Our IT providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times.
Generally speaking, we keep your personal information for the following periods of time:
4.1 The information supplied by subscribers to our EMS is kept as long as you are subscribed and is not used or shared with anyone else for any other purpose than previously described.
4.2 Information supplied by those who have entered into a contract for our courses is kept for the duration of the course and for two years after. It is not used for marketing or any other purpose, but serves as a record of correspondence in case of queries later.