Willowing Arts Ltd (willowing.org) Privacy Policy

As many of you may know we really value care and wellbeing among our worldwide community :)

Changes in data protection law in the EU (i.e. GDPR) have prompted us to take a look at how we make sure care and wellbeing are there when we’re looking after the information you share about yourself with us. We’ve written this policy to be clear about how we treat and look after your information. It’s grounded in the European Union’s ‘GDPR’ and the USA’s ‘Fair Information’ protocols. A key component of these protocols is transparency. Please read the whole document to understand the new information we have included in our policy from 23 May 2018.

Willowing Arts and Customers

1) We collect contact information from you; your name, address and email, when you make a purchase (including free products) on our website at www.willowing.org

2) We collect your name and email address when you sign up to receive newsletters through our website at www.willowing.org

3) How do we use your data?

a. To quickly process your transactions in line with the Contract made on purchase

We send two types of newsletters:

b. The first is ‘Class Information Newsletters’ – these are essential for a person to follow the course they have bought and are sent on the basis of the Contract made on purchase.

c. The second is ‘Promotional & Inspirational Newsletters’ – these contain free offers, tips and uplifting messages along with information about up-coming products from Willowing Arts and from sponsors who pay us to advertise to you. These are are sent to all those who have made a purchase in the past (as in 1) above) on the basis of our Legitimate Interest and to those who have given Consent when subscribing to receive newsletters (as in 2) above)

Willowing Arts and our Affiliates

4) We collect your name, email address and social security/tax number when you sign up to be an Affiliate of Willowing Arts Ltd.

5) How do we use your data?

a. We use your contact information to pay your affiliate share on the basis of the Contract made when you sign up to be an affiliate.

b. We use your social security/tax number to show that you’re a real person. We thus fulfil our Legal Obligation to UK tax authorities (i.e. we prove we’re not paying ourselves instead of you to avoid paying tax.)

If you’re not happy: Your happiness and wellbeing are super important to us.

6) If you’d rather not receive Newsletters please opt out by clicking on the ‘unsubscribe’ option in the email you were sent or email us at: [email protected].

7) If you’d like to ask a question or want to know what data of yours we hold please email us at: [email protected]

8) If you have a complaint please email us at: [email protected]

9) Alternatively you can write to:

Andy Mason
Data Controller
BM Willowing Arts
London WC1 3XX
UK

How do we protect your data?

10) Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.

11) In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

12) We implement a variety of security measures when a user places an order to maintain the safety of your personal information.

13) An external PCI compliant payment gateway handles all CC transactions.

14) We use regular Malware Scanning.

Do we use ‘cookies’?

15) Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognise your browser and capture and remember certain information.

16) We use cookies to help us remember and process the items in your shopping cart.

17) NB Because your online courses are accessed through our site we need you to ‘accept cookies’ to be able to access the courses you have bought.

18) Cookies are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services.

19) We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

20) You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

21) If you turn cookies off, some of the features that make your site experience more efficient may not function properly. Some of the features that make your site experience more efficient and may not function properly.

Third-party disclosure

22) We do not sell, trade, or otherwise transfer to outside parties your data unless you have given us specific consent. However, on rare occasions, organisations that do jobs for us, like website hosting or financial accounts, may need to see your information to do their work.   To protect you, we only use organisations with GDPR protocols in place.

23) Non-personally identifiable visitor information may be provided to other parties for our marketing, advertising, or other uses.

Third-party links

24) Occasionally, we may include or offer third-party products or services on our website or in our Newsletters (see 3c above). These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

25) Google: Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en

26) We have implemented the following:

a. We, along with third-party sellers such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

b. Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.

California Online Privacy Protection Act (CalOPPA)

27) CalOPPA is the first state law in the USA to require commercial websites and online services to post a Privacy Policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous Privacy Policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

28) Users can visit our site anonymously.

29) Once this Privacy Policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.

a. Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

b. You will be notified of any Privacy Policy changes on our Privacy Policy Page

30) You can change your personal information by logging in to your account

31) How does our site handle Do Not Track signals?

a. We honour Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

32) Does our site allow third-party behavioural tracking?

a. It’s also important to note that we do not allow third-party behavioural tracking

33) COPPA (Children Online Privacy Protection Act)

a. When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

b. We do not specifically market to children under the age of 13 years old.

GDPR and Fair Information Practices

34) GDPR is the data protection framework for the European Union. The Fair Information Practices Principles form the backbone of privacy law in the United States. The concepts they cover play a significant role in the development of data protection laws around the globe.

35) In order to be in line with GDPR and Fair Information Practices we will take the following responsive action, should a data breach occur: We will notify you via email within 4 business days

GDPR and CAN SPAM Act

36) The CAN-SPAM Act is a USA law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

37) In addition to the points made elsewhere in this policy Willowing Arts agrees to:

a. Not use false or misleading subjects or email addresses.

b. Identify the message as an advertisement in some reasonable way.

c. Include the physical address of our business or site headquarters.

d. Monitor third-party email marketing services for compliance, if one is used.

e. Honour opt-out/unsubscribe requests quickly.

f. Allow users to unsubscribe by using the link at the bottom of each email.

If you’re not happy: Your happiness and wellbeing are super important to us.

38) If you’d rather not receive Newsletters please opt out by clicking on the ‘unsubscribe option’ in the email or email us at: [email protected].

39) If you’d like to ask a question or want to know what data of yours we hold please also email us at: [email protected]

40) If you have a complaint please email us at: [email protected]

41) Alternatively you can write to:

Andy Mason
Data Controller
BM Willowing Arts
London WC1 3XX
UK

Last updated on: 23rd May 2018