Our contact details

AN:ARTISTS INFORMATION COMPANY (Co. Reg 1626331) trading as a-n The Artists Information Company.

Our office address is: S19 Toffee Factory, Lower Steenbergs Yard, Ouseburn, Newcastle upon Tyne NE1 2DF
Our email address is: [email protected]
Our telephone number is: +44 (0)300 330 0706
Our primary web address is: www.a-n.co.uk

The Data Controller is AN:ARTISTS INFORMATION COMPANY (Co. Reg 1626331). The main point of contact for data protection matters is David Farrow, Email: [email protected]

What type of information we have

We process the following types of personal information;

  • Members – Login Credentials, Name, Address, Contact Information
  • Pending Members – Name, Address, Contact Information
  • Past Members – Name, Address, Contact Information
  • Past/Present and Potential Employees – Name, Address, Contact Information, Medical Information, Reference Information,
  • Financial Information – Bank Details, Payment/Card Details
  • Images – Photographs of individuals
  • Website User Data – IP Address, Analytics data such as geographic information.

For more information from the ICO with examples of what personal information can be, visit its website.

How we get the information and why we have it

We collect your information using email, telephone, our website and in paper form. We get your information from what you tell us and from 3rd parties who supply your details in line with the relevant legal basis for doing so under the terms of the DPA 2018.

We need to collect or hold your information for the following reasons;

  • Members – To manage our agreement with you – our lawful basis for doing this is CONTRACT.
  • Potential Members – To provide you with membership details such that you may get full information of the details of membership should you decide to become a member and to process your membership application. Prior to your making an application, your data is processed under the lawful basis of LEGITIMATE INTEREST. Once you apply for membership our lawful basis for processing your data is CONTRACT.
  • Past Members – To retain required financial information and details of your membership for tax and insurance purposes – our lawful basis for doing this is LEGAL OBLIGATION.
  • Past/Present and Potential Employees – To retain required financial information and details of your membership for tax and insurance purposes – our lawful basis for doing this is LEGAL OBLIGATION.
  • Financial Information – To collect membership payments – our lawful basis for doing this is CONTRACT. To process payments in relation to employees such as salary and pensions – our lawful basis for doing that is LEGAL OBLIGATION.
  • Images – our lawful basis for holding images of individuals or displaying them in a public space such as a website or gallery is LEGITIMATE INTEREST.
  • Website User Data – We hold this data to provide you with the best user experience of our website – our lawful basis for doing this is LEGITIMATE INTEREST.

For more information from the regulator on the different lawful basis under which data can be published visit the ICO website.

 What we do with the information

We use the information that you have given us in order to;

  • Manage your membership if you are a member or pending member
  • Manage your employment or potential employment if you work for us or are applying to work for us.

We may share this information with regulatory authorities such as HMRC, Payment Processing Organisations and those engaged to manage our Accounts and other Professional services.

The following 3rd Parties Process Personal Data on our Behalf;

Company Nature of Processing Link to Privacy Notice
HMRC  Employee Data www.gov.uk/government/publications/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you
PayPal/SagePay*  Payment Data www.paypal.com/webapps/mpp/ua/privacy-full


* Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are detailed above in the 3rd party processor table

At the time of writing we do not share any personal data outside the UK[1]

At the time of writing we do not undertake any automated decision making

How we store your information

We manage our systems and processes to make sure that your digital and paper data is as safe as possible at any stage, both while it’s processed and when it’s stored.

All information is stored in the UK. Where information is stored electronically, this is held in locations with appropriate security to limit risk of exposure through unauthorised access.

We will not transfer personal information from the UK to any other country. We use approved contractual clauses with any 3rd party processors to ensure that the recipients of your personal information protect it. We take steps to ensure that the information we collect is processed according to this privacy policy.

We undertake to retain your data for no longer than required either for the needs of the business for for legal purposes. Our retention schedule is available on request.

When we destroy or dispose of your data we do so using appropriate and secure processes.

Your data protection rights

Under the Data Protection Act 2018 you have the following data protection rights;

Your right to be informed – if your personal data is being used we must inform you that we are using your personal data.

Your right to get copies of your data – You have the right to find out if we are using or storing your personal data. You may request copies of your data by using the contact details in this privacy notice. You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Your right to get your data corrected – You can challenge the accuracy of personal data held about you by us.

Your right to get your data deleted – You can ask an organisation to delete personal data that it holds about you. This depends on the lawful basis under which it is being processed, refer to lawful basis for processing earlier in this privacy notice.

Your right to limit how organisations use your data – You can limit the way we use your personal data.

Your right to data portability – You have the right to get your personal data from us in a way that is accessible .

The right to object to the use of your data – You have the right to object to the processing or use of your personal data in some circumstances.

Your rights relating to decisions being made about you without human involvement – Decisions are made about you when your personal data is processed automatically. As stated earlier in this notice we do not undertake any automated decision making processing of data or any other processing without human involvement

Your right to access information from a public body – Make a request for information from a public body. We are not a public body therefore this right does not apply.

Your right to raise a concern – You have a right to tell us if you’re concerned about how we are using your data.

For more details about your data rights, visit Your Data Matters

How to complain

If you have a complaint about how your personal data is being processed, please contact us using the contact details given at the beginning of this privacy notice.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane

Helpline number: 0303 123 1113

This privacy notice was last updated in March 2019.

[1] According to the UK Government, the current practice, which permits personal data to flow freely from the UK to the EEA, will continue in the event of a no-deal Brexit8 . To this end, the UK Government’s and the ICO’s website should be regularly consulted. edpb.europa.eu/sites/edpb/files/files/file1/edpb-2019-02-12-infonote-nodeal-brexit_en_0.pdf