Who we are

Our website address is: http://blueprintarts.co.uk.

This Privacy Policy will help you to understand how Blueprint Arts collect data through our website, how we process that data and how we protect the data you provide us with. We reserve the right to change this policy at any time and advise you check our site regularly if you wish to be kept up to date with any changes made.

Blueprint Arts do not use cookies for data collection on this site.

 

How we collect data

We mainly collect data by providing links on our website to a contact form on our management system notion.com (please see Notion for their privacy policies) This is usually for clubs that we run for children and young people.

For ticketed events we collect data through a link to our ticket sales on Yapsody
yapsody.com (please see Yapsody for their privacy policies)

We have also used Eventbrite eventbrite.co.uk for tickets sales and subsequently collecting data (please see Eventbrite for their privacy policies)

 

When we collect data

When audiences and participants buy tickets for our events and/or sign up them or their children/person in their care to our clubs, events and workshops

How we keep your data safe

All data kept of children and young people under 18 and any vulnerable adults is stored in our secure databases on notion.com. These are locked databases and only staff at Blueprint Arts, who hold a DBS, are allowed access. Our Designated Safeguarding Lead manages children, young people and vulnerable adult’s databases, including who has access to them. Data of this sensitive nature is NEVER passed on to any third party or shared in any other way and is only used to keep participants safe when they are in the care of the Blueprint Arts team.

All other data that we collect is also stored securely in our management system notion.com and we ask express permission of all people who fill out our forms if they would like to be contacted by us for future and other events, workshops, festivals and performances we hold.

Processing Data

Any person who gives us permission to contact them again will be added to our mail chimp databases (please see mailchimp.com for their privacy policies). These databases are locked and only Blueprint Arts staff have access to them. We never hand out any data to a third party or anyone else, without express permission from the individuals. Just as an example, we recently signed people up to a new project and whilst nearly all these people were on our existing databases we ensured each one of them gave us their express permission to be on another database, for this project, as the data is held by a different organisation.

Additional GDPR Policy Components

Procedure in the Event of a Data Breach

In the event of a data breach, Blueprint Arts will:

  • Immediately assess the breach to determine its scope and impact.
  • Notify affected individuals and the relevant authorities within 72 hours of becoming aware of the breach, if it poses a risk to individuals’ rights and freedoms.

GDPR Training of Staff / Volunteers

All Blueprint Arts staff and volunteers receive regular GDPR training to ensure they understand their responsibilities in handling personal data securely and in accordance with GDPR regulations.

Data Protection Lead / Officer

Blueprint Arts has appointed a Data Protection Officer (DPO) who oversees GDPR compliance, provides guidance to staff, and serves as a point of contact for data protection matters.

Current DPO: Laura Kavanagh – Laura@blueprintarts.co.uk

Procedure for Subject Access Requests

Individuals have the right to request access to their personal data held by Blueprint Arts. To make a subject access request, individuals should contact our Data Protection Officer. We will respond within one month of receiving the request, providing the requested information or explaining any reasons for delay.