Privacy
Department for Culture, Media & Sport Privacy Notice for Government Art Collection
// Who is collecting my data?
The Government Art Collection is part of The Department for Culture, Media & Sport (DCMS), which helps to drive growth, enrich lives and promote Britain abroad.
This website (“Website“) is run by the Department for Culture, Media & Sport (“we” and “us“, “DCMS“). DCMS is the controller for the personal information we process, unless otherwise stated.
// Purpose of this Privacy Notice
This notice is provided to meet the obligations as set out in Article 13 and 14 of the UK GDPR. This notice sets out how we will use your personal data as part of our legal obligations with regard to Data Protection.
The Department for Culture, Media & Sport’s personal information charter (opens in a new tab) explains how we deal with your information. It also explains how you can ask to view, change or remove your information from our records.
// What is personal data?
Personal data is any information relating to an identified or identifiable natural living person, otherwise known as a ‘data subject’. A data subject is someone who can be recognised, directly or indirectly, by information such as a name, an identification number, location data, an online identifier, or data relating to their physical, physiological, genetic, mental, economic, cultural, or social identity. These types of identifying information are known as ‘personal data’. Data protection law applies to the processing of personal data, including its collection, use and storage.
// What personal data do we collect?
Most of the personal information we collect and process is provided to us directly by you. This includes:
- Information on how you use this website. This includes IP address and analytical cookies if you have given consent.
- Contact information that you may share with us when you correspond with us.
// How will we use your data?
We use personal information for a wide range of purposes, to enable us to carry out our functions as a government department. This includes:
- Improving our website performance via performance cookies that collect information about how visitors use a website. These cookies do not collect information that identifies a visitor. Learn more about our cookies policy.
- Any contact information you may share with us will only be used to respond to you.
// What is the legal basis for processing my data?
To process this personal data, our legal reason for collecting or processing this data is:
- You have freely given your consent – it will be clear to you what you are consenting to and how you can withdraw your consent.
There are further requirements for processing more sensitive, or ‘special category’, personal data. You can find out more about these bases for processing personal data by consulting the Information Commissioner’s Office.
The lawful basis that we rely on to process your personal data will determine which of the following rights are available to you. Much of the processing we do in DCMS will be necessary to meet our legal obligations or to perform a public task. If we hold personal data about you in different parts of DCMS for different purposes, then the legal basis we rely on in each case may not be the same.
// Who will your data be shared with?
We will let you know if we are going to share your personal data with other organisations – and whether you can say no. We may share this data with our technology suppliers, for example our hosting provider. You can ask us for details of agreements we have with other organisations for sharing your information.
If you write to us on a subject that is not our policy area, and the response needs to come from another government department, we will transfer your correspondence, including the personal data, to that department.
You can also ask us for details of any circumstances in which we can pass on your personal data without telling you. This might be, for example, to prevent and detect crime or to produce anonymised statistics.
We won’t make your personal data available for commercial use without your specific permission.
// How long will my data be held for?
We will only retain your personal data for two years in line with DCMS retention policy, it is needed for the purposes set out on this webpage.
// Will my data be used for automated decision making or profiling?
We will not use your data for any automated decision making. If we need to do so, we will let you know.
// Will my data be transferred outside the UK and if it is how will it be protected?
We will not send your data beyond the European Economic Area.
// Links to other websites
Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices of the other websites you visit.
// What are your data protection rights?
You have rights over your personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). The Information Commissioner’s Office (ICO) is the supervisory authority for data protection legislation, and maintains a full explanation of these rights on their website. DCMS will ensure that we uphold your rights when processing your personal data.
// How do I complain?
Data Controller’s Title: Information Asset Owner
Data Controller’s Address:
Government Art Collection
Old Admiralty Building
Admiralty Place
London, SW1A 2BL
Data Controller’s email address: gac@dcms.gov.uk
The contact details for the data controller’s Data Protection Officer (DPO) are:
Data Protection Officer’s Address:
Data Protection Officer
The Department for Culture, Media & Sport
100 Parliament Street
London
SW1A 2BQ
Data Protection Officer’s email: dpo@dcms.gov.uk
If you’re unhappy with the way we have handled your personal data and want to make a complaint, please write to the department’s Data Protection Officer or the Data Protection Manager at the relevant agency. You can contact the department’s Data Protection Officer using the details above.
// How to contact the Information Commissioner’s Office?
If you believe that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. You may also contact them to seek independent advice about data protection, privacy and data sharing.
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Website: ico.org.uk
Telephone: 0303 123 1113
Email: casework@ico.org.uk
Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.
// Changes to our privacy notice
We may make changes to this privacy policy. In that case, the ‘last updated’ date at the bottom of this page will also change. Any changes to this privacy policy will apply to you and your data immediately. If these changes affect how your personal data is processed, DCMS will take reasonable steps to let you know.
This notice was last updated on 18/05/2022.