Privacy Policy

Poetry Archive Data and Privacy Policy 2019

1. Who are we?

The Poetry Archive was established in 2001 as a unique online collection of recordings of significant poets who write in English reading their own work. Our first website was launched in 2005. We produce and preserve these valuable voices to make them available for future generations to explore and enjoy. We celebrate poets and poetry which would otherwise be lost, celebrating the relationship between the poem and the listener and broadening the world-wide audience for poetry by making it relevant, accessible and enjoyable for all. We encourage greater and more diverse exploration and engagement with poetry by audiences of all ages, stages and circumstances, by offering poems from our recordings free-of-charge at our websites. Each poet in our collection is surrounded by high-quality contextual information and imaginative interactive features which encourage further and deeper exploration of the work.

The Poetry Archive is a registered Charity, our Charity number is 1093858. Our Company registration number is 4336052. Our registered office address and postal address is Poetry Archive, Exeter Phoenix, Gandy Street, Exeter, Devon, EX4 3LS.
We are committed to keeping the personal details of our members and supporters safe. This Notice explains how and why we use your personal data, to ensure that you remain informed and in control of your information.

 

2. Our Commitment to your Privacy

The Poetry Archive holds and processes data, including personal data, so that we can deliver our charitable mission as defined in our charitable Objects and our Business Plan. We aim to grow and sustain the visitors to our website, and through engagement with our audiences, build a valuable community and vital networks.

We collect, hold and process personal data to build and maintain relationships; to secure the resources we need to deliver our mission; to provide a strong evidence base for our work; to keep our staff, volunteers, supporter and service users safe and to meet our legal and contractual obligations.

We are committed to gathering and processing personal data with full regard for the General Data Protection Regulations (GDPR), the Privacy and Electronic Communications Regulations (PECR) and to the principles of personal choice and control. We always collect and process data on lawful grounds to meet the genuine needs of our organisation, but we do so with the highest regard for an individual’s rights and freedoms.

We will never sell personal data to third parties, and will never share your information unless it is absolutely necessary to meet our organisational needs and legal obligations. We apply strict controls with data sharing and processing agreements in place.

 

3. Key terms

We use the following key definitions, which are used by the Information Commissioner’s Office (ICO), the UK’s independent body set up to uphold information rights (www.ico.org.uk)

  • Data subject’: this is you, one of our valued Members and supporters. As the data subject, we respect your right to control your data.
  • Data controller’: this is us, the Poetry Archive. With your permission, we determine why and how your personal data is used (as outlined in this document).
  • Data processor’: this is a person, or organisation, who processes your data on our behalf, with your permission. All data processing is done by our own in-house staff. Sometimes we use third party software, such as MailChimp, to send our newsletters. The third parties we work with at no point ‘own’ your data, so you will never hear from them independently and they will always delete your data from their systems when they have completed the task in hand. We always send your data to partner organisations securely, to minimise the risk of it being intercepted by unknown individuals and/or organisations.

 

4. Why do we collect your personal data?

We use your personal data to keep in touch with you.

We will only ever collect, store and use your personal data when we have an identified purpose and reason to do so. The ICO refers to this as a ‘lawful basis’. Further information about why we collect your personal data is outlined below.

a) To deliver services that you have asked for

This may involve:

  • Sending you our e-newsletters and information on events and activities which may be of interest.
  • Processing your payments and Direct Debit payments, if you have set this donation process up with us
  • Sending you your Member or Patron membership renewal letter
  • Processing your payments inward for donations or sales, or payments outward for royalties and fees, and getting in touch with you should there ever be any issues processing your payments
  • Keeping your personal and professional details up to date

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.

b) To send you items purchased from us

We collect your personal data to send you:

  • items you have purchased through our site.
  • information about events you have booked onto

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.

c) To administer and acknowledge gifts and donations you have made to us

We collect your personal data to:

  • process any donation payments and Membership payments
  • acknowledge receipt of any donations
  • process any monitoring information related to these services
  • report to funders as required by funding contracts

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’. Where it is a contractual requirement to share your personal data with third parties – such as our funders or any regulatory bodies – we will always make this clear when we first collect information from you.

e) To send you information about our work and ask for your opinion

We also collect your personal data so that we can send you information about our work that we feel will be of interest to you. This includes your e-newsletter, fundraising appeals, events, campaigning opportunities, volunteering opportunities, Membership information, our projects,  products, newsletter requests, feedback, competitions and other activities.  From time to time, we may also use your personal data to ask for your opinion about our work.

This information is in addition to that outlined in sections a), b), c) and d) and is defined as ‘direct marketing’ by the ICO.

i) Gift membership of our Patrons and Friends Schemes

If your Poetry Archive Membership or Patronage was purchased as a gift, we will use the address provided by the purchaser to send you information. This will include a ‘renewal letter or email’, which we will send you when your membership is due to expire, to see if you would like to continue supporting our charity.

ii) When your Membership has ended

Unless we hear from you directly, we will continue to send you information about our work for up to 12 months after your membership has ended. This is just in case your support was cancelled accidentally, by for example changing your bank account details, and you wish to update your details with us.

Your personal data also helps us to get to know you better and to develop our work in a timely and relevant way. As defined by the ICO, we use two different lawful bases for processing your data for ‘direct marketing’ purposes:

i) Legitimate interest

This is where we have identified a genuine and legitimate reason for contacting you, which crucially does not override your rights or interests.

ii) Opt-in consent

This is where you have given us express permission to contact you by particular communication channels.

We respect your right to update the way we get in touch with you about our work at any time.

As defined by the ICO, the lawful basis for processing your data for these purposes is ‘contractual’ (where administering your payment/Patron/Friend records) and ‘legitimate interest’ (when sending you information about our work).

 

5. What kind of personal data do we collect? How do we collect it?

a) Basic information

  1. For e-Newsletter subscribers, we will usually collect  your name, postal address, telephone number, email address and detail of how you prefer to be contacted by us.
  2. For our occasional surveys (see B, below) we collect a wider range of demographic information directly from you and only with your permission.
  3. For financial transactions (with Patrons, Donors, Poets, Publishers) we will keep your personal contact details as in (a), and your bank details as provided by you for this purpose, and to enable us to fulfil our duties.

We collect this data from you directly. Sometimes this is in person; other times, it is over the telephone, in writing or through an email. Occasionally we obtain information, such as your telephone number or other contact details, from external sources (only where you have given permission for such information to be shared). We will never ask for personal financial information by email and if you are concerned please contact us to be sure the application is genuine for providing any personal data online.

b) Getting to know you better

We also collect information about you that helps us to get to know you better. This may include:

  • information about your poetry interests, which you tell us through our Membership or similar Surveys
  • records of donations you’ve made towards fundraising appeals
  • your preferences of how you would like us to contact you
  • records of events you’ve attended, or campaigns or activities that you’ve been involved in.

Sometimes we will collect other information about you such as your date of birth and gender. When we do so, we will be very clear as to why we are collecting such information, and we will only do so with your specific consent and permission.

Other ways in which we collect personal data to get to know you better include:

i) Our website

Our website uses ‘cookies’ to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites, so the Poetry Archive does not store this information.

Our cookies help us:

  • Make our website work as you’d expect
  • Remember your settings during and between visits
  • Improve the speed/security of the site
  • Allow you to share pages with social networks like Facebook
  • Continuously improve our website for you

For more information on our Cookies Policy, please contact us

c) Sensitive personal data

We do not normally collect or store sensitive personal data (such as information relating to health, beliefs or political affiliation) about supporters and members. However, there are some situations where this could occur, for example, if we are delivering a funded project that is specifically aimed at benefitting people’s health or which targets particular groups of individuals (such as people from diverse backgrounds or with specific ethnicities).

When we do so, we will be very clear as to why we are collecting such information, and we will only do so with your specific consent and permission. In these situations, we collect the data from you directly. Generally, we anonymise sensitive personal data wherever possible.

d) Children and young people 

In line with data protection law, we will not collect, store or process your personal details if you are under 13 years of age; unless we have the express permission from your parent or guardian to do so.

If we have the permission of your parent or guardian we will capture your date of birth at the point of joining. This is so that we can send you information that we feel is suitable to your age.

 

6. How do we store your data?

a) Security

All of the personal data we process is processed by our staff in the UK and our IT hosting and maintenance is done in accordance with guidance issued by the Information Commissioner’s Office.

We use MailChimp e-mail marketing. A copy of their policy regarding data security in terms of operational security, physical security and application security can be found here.

Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a clear Data Protection Policy and associated guidance which personnel are required to follow when handling personal data.

b) Payment security

All electronic Poetry Archive forms that request financial data will use the Secure Sockets Layer (TLS1.2) protocol to encrypt the data between your browser and our servers.

If you use a credit card to donate, purchase a membership or purchase something online we use Worldpay. Please refer to sections 17, 18, and 19 in the following link for their data processing terms and conditions: https://www.worldpay.com/sites/default/files/171120-SME-Terms-2017.pdf

The Poetry Archive will never store card details.

Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.

c) Data retention policy

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold and delete what is no longer required.

 

7. Your rights

We respect your right to control your data. Your rights include:

a) The right to be informed
This privacy notice outlines how we capture, store and use your data.

b) The right of access
If you wish to obtain a record of the personal data we hold about you, we will respond within one month. We may charge up to £10 for responding to a request. To make a data access request please contact our Administrator through this website.

c) The right to rectification
If we have captured information about you that is inaccurate or incomplete, we will update it.

d) The right to erase
You can ask us to remove or anonymise your personal details from our records, unless these are financial records required to enable us to meet our duties. All financial records are kept for 7 years. .

e) The right to restrict processing
You can ask us to stop using your personal data. If we do stop processing your personal data it may result in us being unable to continue to provide you with the services we offer.

f) The right to data portability
You can ask to obtain your personal data from us for your own purposes.

g) The right to object
You can ask to be excluded from marketing activity.

h) Rights in relation to automated decision making and profiling
We respect your right not to be subject to a decision that is based on automated processing.

For more information on your individual rights please see the Information Commissioner’s Office.

Responsibility
Overall responsibility for this notice and the implementation of our Data Protection Policy lies with the Director.

Information Commissioner’s Office
For further assistance with questions regarding your data, please contact the Information Commissioner’s Office, whose remit covers the UK.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
SK9 5AF

Telephone: 0303 123 1113
Email: casework@ico.org.uk

 

8. Leaving our website

We are not responsible for the privacy practices or the content of any other websites linked to our website. If you have followed a link from this website to another website be aware that you may be supplying information to a third party.

 

9. Get in touch

Should you wish to find out more about the information we hold about you, or about our privacy policy, please contact us. Our office hours are Monday – Friday, 9am – 5pm.

Close