Art Over There Privacy Policy
WHO WE ARE AND HOW DOES THIS PRIVACY POLICY WORK?
The purpose of this Privacy Policy is to give you information on how we collect and process your personal data when you use our website and/or software applications (“App”), or our products or services we may offer you.
“Art Over There”, ”we” “us” or “our” in this Privacy Policy refers to Art Over There Ltd, a limited liability private company incorporated under the laws of England and Wales with the registered address of 29 Nicholson Road, Marston, Oxford, United Kingdom, OX3 0HW that is responsible for processing your personal data.
You can contact us here: info@artoverthere.
WHAT IS PERSONAL DATA AND TYPES WE COLLECT
“Personal data” means any information relating to an identified or identifiable individual. Depending on who you are and how you interact with us, we may collect, use, receive, store, analyse, combine, transfer or otherwise process different categories of personal data.
Below is a table reflecting the categories of personal data we may collect about you:
Categories of personal data: Identity and account log-in information
Which includes such information as: Full name(s), title, identity number, and your date of birth, biography, and profession.
Categories of personal data: Contact information
Which includes such information as: Telephone number(s), address, country, email.
Categories of personal data: Financial and event information
Which includes such information as: Bank account data, credit or debit card information, your daily or other work rates.
Categories of personal data: Usage and technical information
Which includes such information as: IP addresses, browser type and versions, operating systems, time zone setting, geolocation information, content you access on our App and the dates and times that you visit the App, paths taken.
Categories of personal data: Marketing and communications information
Which includes such information as: Communication with customer service support, behavioural data (for example, collected using cookies), information about promotions, and records of your decision to subscribe or to withdraw from receiving marketing materials.
We may also collect, use and/or share non-personal data or anonymised data such as your artwork, event attendance, statistical or demographic data.
As a principle, we do not collect any special categories of personal data about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric information).
To the extent our App includes links to third-party websites, plug-ins and applications (including cookies, tracking technologies and widgets by third-party advertisers), it is important that you understand that by clicking on those links or enabling those connections, you may allow third parties to collect or share data about you. We do not have oversight of these third-party websites and we are not responsible for their processing of personal data.
HOW DO WE COLLECT YOUR PERSONAL DATA?
How we collect personal data will depend on the following broader situations:
We may collect personal data directly from you in different ways on our App, or product or service offerings. For example, you may give us your personal data when you:
● give us your information so that we can contact you about our services and products;
● conclude a contract or verify with us who you are (whether by email, phone or electronic verification);
● apply for our products or services directly with us or through our appointed suppliers (such as marketplaces or credit providers) or initiate an account-based relationship with us;
● are prompted to give us your contact and payment information on our web-checkout /payment pages or via other similar channels;
● send us a support request; or
● access and browse our App– to learn more see our Cookie Policy.
We may occasionally obtain personal data through third parties or, if publicly available, where permitted under applicable law.
WHAT ARE THE LAWFUL GROUNDS THAT WE RELY ON TO PROCESS YOUR personal data?
We process personal data only when we have a valid legal ground to do so. Most commonly, we use your personal data where:
● it is necessary to process your personal data in connection with the performance of a contract that we have with you directly or indirectly;
● it is necessary for our legitimate interests (or the legitimate interests of a third party). We make sure that your fundamental rights are not overridden by our legitimate interests;
● we use your personal data to comply with our legal obligations.
● We may seek your explicit consent where the applicable laws require us to do so. To know where and when explicit consent is required.
PURPOSES FOR WHICH WE MAY PROCESS YOUR PERSONAL DATA
1. To verify, authenticate and authorize your use of our products or services
The type of personal data typically required is identity, contact and possibly financial information. This is necessary in order for us to assess your application under contract and necessary for our legal obligations under certain laws.
2. To process payment transactions made through our Apps
The types of personal data we require to provide a product or service and the legal ground depends on the specific payment methods made available by us in your country.
3. To protect our business and to ensure compliance with the law
We process personal data to meet the requirements of applicable laws and regulations.
4. To manage our relationship with you
If you contact us or otherwise give us your Contact information (for example by registering, by completing an enquiry form on our App, or by subscribing to receive support, and service status communications from us or security or fraud monitoring alerts), we may process your personal data:
● to inform you about your products or services with us and any changes to these products or services and any associated legal documents;
● to notify you if there is any interruption of services or products;
● to ask you to provide information on how we can improve or develop services or products and to otherwise effectively communicate with you;
● to provide you with service assistance and problem solutions or to contact or send you notifications related specifically to the services or products we offer you;
● to use your personal data in transactional or monitoring reports (or both) as part of the performance of our contract. You have the option to unsubscribe from such reports in accordance with the terms of our contract.
5. To market our products and services and related services to you
We may use personal data to market our products and services and to notify you about events, offers, sponsorships, marketing programmes and similar marketing campaigns.
6. To conduct research and to develop and improve our products and services
We may use personal data that we collect:
● to research and gain insights into market trends and needs and to develop or innovate our technologies, products and services to meet such market trends and needs. We may use machine learning and artificial intelligence techniques to conduct research to gain such insights;
● to analyze visitor use of our App, products or services in line with this Privacy Policy and our Cookie Policy;
● to use your personal data, in line with applicable laws and regulations.
WHOM DO WE DISCLOSE YOUR PERSONAL DATA TO
We may share your personal data with external third parties such as:
● service providers under contract who assist us with our business operations; and
● when required by law enforcement, government officials, fraud detection agencies or other third parties and when we are compelled to do so by law (such as via a subpoena, court order or similar legal procedure).
We take all reasonable measures to ensure that every third party involved in the processing of your personal data has the required organizational and technical protections in place, including the required data processing and transfer agreements where this is necessary. When required under applicable law, we may provide you with a list of our sub-processors or suppliers upon request, by contacting us.
MARKETING
You may receive marketing communications from us, for example, if you have requested more information from us; provided your contact information to us in order to retrieve content or communications from us and/or subscribed for services or products from us. We may run these marketing activities directly or with promoters.
The provision of such marketing activities is subject to the applicable laws. You are entitled to opt out from receiving such marketing by contacting us.
COOKIES AND SIMILAR TECHNIQUES
We use cookies, web beacons and similar techniques (“cookies”) when you access our Apps. A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. We explain how we use cookies on each of our App and the choices you, as a visitor to each Website or App, have when it comes to our use of cookies here.
INTERNATIONAL DATA TRANSFERS
We are a global company with a global footprint.
Your personal data may be processed either locally in the country where you work or reside or in any other country where we or our approved third-party service providers operate, worldwide, as permitted by law. Should your personal data move outside your country, where required by law, we shall use the EU Commission’s standard contractual clauses (as may be amended from time to time) or other compliant transfer mechanisms such as consent to ensure that an adequate or a same level of protection is applied to your personal data as the one afforded in the country of origin.
DATA RETENTION
We may store your personal data for as long as required for the fulfilment of the purposes for which we collected it. The retention of personal data by us is determined by considering compliance with legal and compliance reporting requirements.
WHAT ARE YOUR INDIVIDUAL RIGHTS?
We ensure that you may exercise your individual privacy rights under applicable privacy and data protection laws. This means that We seek to provide reasonable assistance to cater to requests from individuals regarding the processing of personal data and the right to access, delete, erase, amend and withdraw permission to the processing of personal data.
Depending on the applicable laws in your country, you may have certain rights under data protection law. For example, under the UK General Data Protection Regulation, you can exercise the following rights:
● access your personal data (access rights): You have the right to ask us if we process personal data that relates to you and you may ask us to provide you with details of the personal data we process about you (as required under applicable laws);
● correct or rectify your personal data: You can ask us to have inaccurate personal data we process about you fixed or changed;
● erase your personal data: You can ask us to delete or erase personal data under certain circumstances if the personal data is no longer needed for the purposes for which we collected them (subject to local data retention legal obligations);
● withdraw your consent: You may withdraw your consent to processing that you have given us and prevent further processing if there is no other legal ground (including legitimate interests) for processing your personal data;
● restrict the processing of your personal data: You can require certain personal data to be marked as restricted for processing in certain circumstances, such as an objection to our processing of your personal data based on our legitimate interests;
● request data portability: You can ask us to transmit your personal data that you have provided to us to a third party in a machine-readable form;
● object to automated decision-making, including profiling, if these decisions produce a legal effect on you;
● raise a complaint: You can raise a complaint about our processing of your personal data with the applicable authority in your country.
Please email us if you would like to exercise any of the above rights. These rights are limited in some situations, such as where we are legally required to process your personal data, and this may limit your ability to use some of our products and services.
SECURITY: HOW WE PROTECT & STORE PERSONAL DATA
The security of your personal data is important to us. We take legal, technical and organizational measures that we consider necessary in order to maintain the confidentiality and security of your personal data, with due regard to the applicable obligations and exceptions under the legislation in force.
We regularly review its policies regarding the collection, storage and processing of your personal data, including physical security measures, to prevent alteration, loss, query, use or fraudulent or unauthorized access to your personal data.
We have put in place procedures to deal with personal data breaches and will notify you and any applicable regulator or authority of a breach where we are legally required to do so.
MINORS
We do not voluntarily or actively collect, use or disclose personal data of minors, according to the minimum age equivalent in the relevant jurisdiction, without the prior consent of the parents or guardians of the minor. Our services are not intended or designed to attract minors.
If we learn that we collected the personal data of a minor, without first receiving a verifiable parental consent, we will take steps to delete the information as soon as possible.
CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
This Privacy Policy may change over time. The recent version of this Privacy Policy is published on our App. Privacy Policy was last changed on 5 January 2025. We will notify you of any changes to this Privacy Policy by publishing these on our App. It is very important that any personal data we hold about you is up to date and correct. Please inform us of any changes to your personal data.