Privacy Policy


Introduction
At Artdesk, we take the issue of your privacy very seriously, which is why we work diligently to ensure that we have policies and procedures in place, allowing us to continue bringing art enthusiasts together to share their love of art. The following privacy policy was developed in accordance with the Data Protection Act 2018 and UK General Data Protection Regulation (UK GDPR) and explains what personal information we collect or receive from you, how we process such personal information, and what we do to keep your personal information safe and secure.
Please carefully read the following to understand our views and practices regarding your personal information and how we will treat it.
Who we are and what we do
We are Artscapy Limited, the platform that brings the art world together to explore, connect, discuss, and collect art. Artdesk is the commerce solution division for art service providers and professionals. We are registered at UK Companies House and our company number is 12918699. Our office is based at 36 Fifth Avenue, Hampshire, England, Havant, PO9 2PL. We collect personal information from the following types of people to allow us to undertake our business:
  • You, individual users, and members who are using our websites and mobile application (app).
  • Personnel at galleries, auction houses, museums, and other art-related professional services that use our websites and app.
  • Art collectors and professional sellers who use our websites and app.
  • Our own employees, contractors, partners, and shareholders.
We collect information about you to carry out our core business and ancillary activities.
 Information you give to us or we collect about you
This is information about you that you give to us by enquiring on our website (https://artdesk.io/) or app, as well as corresponding with us by phone, e-mail, or other forms of communication. The information you give to us or we collect about you may include your name, e-mail address, age, date of birth, home address, identification documents, payment details, and specific data required for services that you request.
Information we collect about you when you visit our website
With regard to each of your visits to our website, we will automatically collect the following information:
  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information (if applicable), browser type and version, browser plug-in types and versions, operating system, and platform; and
  • Information about your visit, including the full Uniform Resource Locators (URL) and how you interact with our website.
 Purposes of the processing and the legal basis for the processing
We use information held about you in the following ways:
  • To carry out our obligations arising from any contracts we intend to enter into or have entered into between you and us and to provide you with the information and services that you request from us or which we think will be of interest to you.
  • To provide you with information about other services we offer which are similar to those that you already utilise, have been provided with, or you have enquired about.
  • Our legal basis for the processing of personal information is our legitimate business interests, described in more detail below, although we will also rely on contract, legal obligation, and consent for specific uses of personal information.
  • We will rely on legal obligation if we are legally required to hold information about you to fulfill our legal obligations.
 Our legitimate business interest
We process your personal information on a number of lawful bases, including your consent, where provided. One such lawful basis is “legitimate interests” which means that we are permitted to process your personal information where:
  • We have a genuine and legitimate reason; and
  • We are not harming any of your rights and interests.
 Consent
Should we want or need to rely on consent to lawfully process your personal information we will request that you provide your consent verbally, by email, or by an online process for the specific activity for which we require consent and your response will be recorded on our system. Where consent is the lawful basis for processing your personal information, you have the right to withdraw your consent to this particular processing at any time.
Other uses of your personal information:
  • To notify you about changes to our service;
  • To ensure that content from our website is presented in the most effective manner for you and for your computer or any other device used to access Artdesk;
  • To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes;
  • To improve our website to ensure that our service is provided in the most effective manner for you;
  • As part of our efforts to keep our website safe and secure;
  • To enable us to keep in touch with you regarding your activity in the marketplace;
  • To develop additional features to enhance the Artdesk service;
  • To measure or understand the effectiveness of advertising we provide to you and others, and to deliver relevant advertising to you in accordance with your related consent; and
  • To make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them.
 We do not undertake automated decision-making or profiling. We do use our computer systems to search and identify personal information in accordance with parameters set by a person. A person will always be involved in the decision-making process.
Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a positive and tailored experience when you browse our website and further helps to improve our website. Our website uses cookies that are strictly necessary to enable you to move around the site or to provide certain basic features. We use cookies to provide better functionality of the website by storing your preferences. We also use cookies to help us to improve the performance of our website and to provide you with a better user experience. The information we collect using cookies is anonymous. We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any personally identifiable information of visitors to our website or associate your IP address with any other data held about you. We will not associate any data gathered from this site with any personally identifiable information from any source, unless you explicitly submit that information via a fill-in form on our website.
We may use the following types of cookies on our website:
  • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
  • Analytical/performance cookies. These cookies allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies. These are used to recognize you when you return to our software products. This enables us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
  • Targeting cookies. These cookies record a user’s visit to a website, the individual pages visited, and the links followed. If the cookie is set by a third party (for example, an advertising network) which also monitors traffic on other websites, this type of cookie may also be used to track a user’s movements across different websites and to create profiles of their general online behavior. Information collected by tracking cookies is commonly used to serve users with targeted online advertising.
 What are the specific cookies that Artdesk uses?
In addition to the cookies listed below, Artdesk also uses Google Analytics to recognise and count the number of visitors to our website and to see how visitors move around the website when they are using it. The information generated by the cookie about your use of the website, including IP address, is transmitted to Google. This information is then used to evaluate your use of the website and to compile statistical reports on website activity for Artdesk. More information in this regard can be found by visiting Google here.
  • Strictly necessary cookies
Cookie Name Type Purpose
Log in_SessionId Session This cookie is required to determine the Log in session that is in use. These are temporary cookies used in our website which helps us identify users and track their activity on specific pages to provide better user experiences. It may also contain details such as customer name, organisation name, and email address. These cookies are automatically deleted as soon as you close your browser. Session cookies and similar technologies may be used for our website to improve its quality.
  • Cookies which can improve the website and user experience
Cookie Name Type Purpose
Log in_SessionId Session This cookie is required to determine the Log in session that is in use. These are temporary cookies used in our website which helps us identify users and track their activity on specific pages to provide better user experiences. It may also contain details such as customer name, organisation name, and email address. These cookies are automatically deleted as soon as you close your browser. Session cookies and similar technologies may be used for our website to improve its quality.
__utma Persistent This cookie keeps track of the number of times a visitor has been to the site pertaining to the cookie, the time of their first visit, and when their last visit occurred. Google Analytics uses the information from this cookie for various calculations, such as days and visits to purchase.
__utmb & __utmc Persistent The B and C cookies are brothers, working together to calculate how long a visit takes. __utmb takes a timestamp of the exact moment in time when a visitor enters a site while __utmc takes a timestamp of the exact moment in time when a visitor leaves a site. __utmb expires at the end of the session. __utmc waits 30 minutes, and then it expires. The __utmc has no way of knowing when a user closes their browser or leaves a website, so it waits 30 minutes for another page view to happen, and that does not occur, it expires.
__utmx & __utmxx Persistent This cookie is used by Website Optimiser and only sets when the Website Optimiser tracking code is installed and correctly configured for your webpages. When the optimiser script executes, this cookie stores the variation to which the visitor is assigned for each experiment which results in the visitor having a consistent experience on the website.
__utmz Persistent __utmz keeps track of where the visitor came from, what search engine was used, what links were followed, what keywords were used, and geolocation. It expires in 6 months. This cookie is how Google Analytics knows to whom and to what source/medium/keyword to assign the credit for a Goal Conversion or an Ecommerce Transaction. The __utmz cookie also allows its length to be edited with a customization to the Google Analytics Tracking code.
  • Cookies which can be used to target or retarget
Cookie Name Type Purpose
Log in_SessionId Session This cookie is required to determine the Log in session that is in use. These are temporary cookies used in our website which helps us identify users and track their activity on specific pages to provide better user experiences. It may also contain details such as customer name, organisation name, and email address. These cookies are automatically deleted as soon as you close your browser. Session cookies and similar technologies may be used for our website to improve its quality.
__utma Persistent This cookie keeps track of the number of times a visitor has been to the site pertaining to the cookie, the time of their first visit, and when their last visit occurred. Google Analytics uses the information from this cookie for various calculations, such as days and visits to purchase.
__utmb & __utmc Persistent The B and C cookies are brothers, working together to calculate how long a visit takes. __utmb takes a timestamp of the exact moment in time when a visitor enters a site while __utmc takes a timestamp of the exact moment in time when a visitor leaves a site. __utmb expires at the end of the session. __utmc waits 30 minutes, and then it expires. The __utmc has no way of knowing when a user closes their browser or leaves a website, so it waits 30 minutes for another page view to happen, and that does not occur, it expires.
__utmx & __utmxx Persistent This cookie is used by Website Optimiser and only sets when the Website Optimiser tracking code is installed and correctly configured for your webpages. When the optimiser script executes, this cookie stores the variation to which the visitor is assigned for each experiment which results in the visitor having a consistent experience on the website.
__utmz Persistent __utmz keeps track of where the visitor came from, what search engine was used, what links were followed, what keywords were used, and geolocation. It expires in 6 months. This cookie is how Google Analytics knows to whom and to what source/medium/keyword to assign the credit for a Goal Conversion or an Ecommerce Transaction. The __utmz cookie also allows its length to be edited with a customization to the Google Analytics Tracking code.
Facebook Pixel Persistent This cookie keeps track of visitors from Facebook and Instagram to the website and tracks their interaction with the website. You can learn more about it here.
LinkedIn Insight Tag Persistent This cookie keeps track of visitors from LinkedIn to the website and tracks their interaction with the website. You can learn more about it here.
Twitter Universal Website Tag Persistent This cookie keeps track of visitors from Twitter to the website and tracks their interaction with the website. You can learn more about it here.
What if I don’t want cookies?
You can restrict or block web browser cookies which are set on your device through your browser settings. You can be notified when cookies are sent to your browser, or you can refuse cookies completely. You can also delete existing cookies. The “help” function of your browser will explain how to do this.
You can visit https://www.aboutcookies.org for further information about disabling cookies. For further information about cookies, visit the Interactive Advertising Bureau (www.iab.net), an industry body that develops standards and guidelines to support online business processes. It has produced a series of web pages that explain how cookies work and how they can be managed.
Disclosure of your information inside and outside of the UK
We work with the following third parties and share your personal information with them to help us deliver the best possible service to you:
  • Amazon Web Services (AWS), a secure cloud services platform. See https://aws.amazon.com/privacy/.
  • Mailchimp, our email campaign service provider, to keep you up to date with Artdesk news. Mailchimp has certified its agreement to the EU/US Privacy Shield. See https://mailchimp.com/legal/privacy/.
  • Business partners, galleries, third party art dealers, consultants, and other art-related professional services for the provision of Artdesk’s service to you.
  • Analytics and search engine providers that assist us in the improvement and optimisation of our app.
We will disclose your personal information to third parties where:
  • We sell or buy any business or assets; we will disclose your personal information to the prospective seller or buyer of such business or assets.
  • Artdesk, or substantially all of its assets, are acquired by a third party; personal information regarding Artdesk customers will be among the transferred assets.
  • We are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our terms of service, website terms of use, or other agreements; or to protect the rights, property, or safety of Artdesk, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
  • We require all third parties to respect the security of your personal data and to treat it in accordance with the applicable law. Our third-party service providers are not allowed to use your personal data for other than the specified purposes in accordance with our instructions.
  • Where we use certain providers of services, we may use specific contractual clauses approved by the European Commission and UK ICO which give personal data the same protection it has in Europe.
 Where we store and process your personal information
The personal information that we collect from you is stored on cloud servers within the European Economic Area (EEA). All information you provide to us is stored on these secure servers and any payment transactions are encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website; any transmission is undertaken at your own risk. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
Personal information will be held in servers in Europe and may be accessed by remote staff which work outside the EU/EEA. However, such staff receive appropriate training and are only permitted to access personal information which is necessary to perform their roles.
Whenever we transfer your personal information out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
  • We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal data; or
  • Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal information the same protection it has in the UK.
 Retention of your personal information>
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Your rights>
You have the right to request that we not process your personal information for marketing purposes. We will usually inform you (before collecting your personal information) if we intend to use your personal information for such purposes or if we intend to disclose your information to any third party for such purposes. In such circumstances, we will collect express consent from you if legally required to do so prior to using your personal information for marketing purposes. Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for such policies. Please check these policies before you submit any personal information to these websites.
You have the following data protection rights:
  • Request correction> of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure> of your personal information. You may ask us to delete or remove personal information where we do not have a lawful basis for continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
  • Object to processing> of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. You may ask us to suspend the processing of personal information about you; for example, if you want us to confirm the accuracy of, or reasons for processing, your personal information.
  • Request the transfer> of your personal information to another party in certain formats, if practicable.
  • Make a complaint> to a supervisory body; in the United Kingdom, the Information Commissioner’s Office. The ICO can be contacted through this link:https://ico.org.uk/concerns/
 Access to information>
Data Protection Act 2018 and UK GDPR give you the right to access your personal information. We encourage you to contact us to ensure that your personal information is accurate and complete.
A data subject access request should be submitted to our Data Protection Officer Emilia Gyoerk at Emilia@artscapy.com. In accordance with the Data Protection Act 2018, no fee will apply to such an access request.
Changes to our privacy notice
Any changes we make to our privacy notice will be posted on this page and, where appropriate, you will be notified of such changes by e-mail. Please check back frequently for any updates or changes to our privacy notice.
Contact
We hope that we have shared with you all the information you need, but in the event that you seek further information or if you have any questions, please contact us via email at info@artscapy.com.