Privacy Policy
Last Updated: [21] April 2023
We are Sophie Macpherson Ltd (company number: 04487583), a company registered in England and Wales with registered address at 18 D’Arblay Street, London, W1F 8EB (“SML”, “we”, or “us”), and we are a specialist art recruitment company.
We are committed to respecting your privacy and protecting your personal data. This privacy policy (“Policy”) sets out how we use data relating to you and applies to all use of your personal data by us. This Policy applies to personal data we may collect from you, or that you provide to us, through or in connection with our art recruitment services for which we make this policy available (the “Services”) and when you use our website https://www.sophiemacpherson.com/ (the “Website”).
Please read this Policy carefully to understand our views and practices regarding your personal data.
We update our Policy from time to time, so you should check back in on a regular basis. Where appropriate, we will actively notify you of updates.
We will only collect and process information about you in accordance with this Policy and we will only use information collected about you in accordance with applicable data protection laws including without limitation the Data Protection Act 2018 (“UKDPA”) and the UK GDPR (as defined in the Data Protection Act 2018). We will comply with all applicable data protection laws, including the UK GDPR, UKDPA and the California Consumer Privacy Act 2018 (“CCPA”). Where we decide the purpose or means for the processing of the personal data that you provide when using our Services, we are the “data controller”.
You have the right to object to the processing of your personal data, including where your personal data is being processed for direct marketing purposes. Further information on this right, and your other rights, is set out below.
If you have any concerns over privacy, or this Policy, contact us at info@sophiemacpherson.com.
- THE PERSONAL DATA WE COLLECT ABOUT YOU
- Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
- As part of our Services, we may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data including first name, maiden name, last name, marital status, current job title, data of birth, gender, NI number, Visa, image, information about your entitlement to work in the UK, resumé/CV, any other information you include in your resumé/CV. We may also process information in relation to whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process.
- Contact Data including email address, telephone number, home address.
- Financial Data including information about your current level of remuneration, including benefit entitlements.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Technical Data includes IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website.
- COOKIES
- A cookie consists of information sent by a web server to a web browser and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
- You can set your web browser to refuse all or some browser cookies, or to alter you when the Website sets or accesses cookies. If you disable or refuse cookies, please note that some parts of the Website may become inaccessible or not function properly. For more information about the cookies we use, please see Cookie Policy.
- HOW YOUR PERSONAL DATA IS COLLECTED
- We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity, Contact, Financial and Marketing and Communications Data by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- use our Services;
- subscribe to our publications;
- request marketing or information be sent to you; or
- give us feedback or contact us.
- Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
- Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources as set out below:
- Identity and Contact Data from our clients and your prospective employers; and
- Identity and Contact Data from publicly available sources such as LinkedIn.
- Direct interactions. You may give us your Identity, Contact, Financial and Marketing and Communications Data by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- We use different methods to collect data from and about you including through:
- HOW WE USE YOUR PERSONAL DATA
- We will only use your personal data when the law allows us to. Most commonly we will use your personal data in the following circumstances:
- where we need to perform the contract we are about to enter into or have entered into with you.
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- where we need to comply with a legal obligation.
- We may use your personal information to:
- administer the Website;
- improve your browsing experience by personalising the Website;
- enable your use of the Services available on the Website;
- register you as a new client;
- manage our relationship with you;
- administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
- send you general (non-marketing) commercial communications; and
- deal with enquiries and complaints made by or about you relating to the Websites.
- We will only use your personal data when the law allows us to. Most commonly we will use your personal data in the following circumstances:
- YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
- You have certain rights over the way we process personal data relating to you. We aim to comply without undue delay, and within one month at the latest, in response to any requests submitted by you to us:
- for a copy of personal data we are processing about you and/or to have inaccuracies corrected;
- to restrict, stop processing, or to delete your personal data;
- for a machine-readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and
- to make a complaint to a data protection regulator. You may contact them at: https://ico.org.uk/concerns/.
- To make a request in relation to any of the aforementioned rights, please send your request to info@sophiemacpherson.com.
- You may request deletion of your personal data by sending an e-mail to info@sophiemacpherson.com. Please note that some information may remain in our private records after deletion. We may use any aggregated data derived from or incorporating your personal data but not in any manner that would identify you personally.
- For data processing activities for which we rely upon your consent, you can withdraw your consent at any time by using the tools provided by following the opt-out links on any marketing messages sent to you or otherwise by contacting us at info@sophiemacpherson.com.
- You have certain rights over the way we process personal data relating to you. We aim to comply without undue delay, and within one month at the latest, in response to any requests submitted by you to us:
- DISCLOSURE OF YOUR PERSONAL DATA
- We will share your personal data with third parties only in the ways that are described in this Policy.
- Group, suppliers, subcontractors, service providers. We keep your personal data confidential, but may disclose it to any member of our corporate group, our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Policy.
- Government authorities. In addition, we may disclose your personal data to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
- Potential acquirers or investors. If we are involved in a merger, acquisition, or sale of all or a portion of our business or assets, the personal data we hold may be included as part of that sale, in which case you will be notified via email, your account and/or a prominent notice on the App of any changes in ownership or use of your personal data, as well as any choices you may have.
- Enforcement. We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of us, our personnel or customers, or others.
- We only permit our suppliers and subcontractors to process your personal data for specified purposes and in accordance with our instructions. All our third-party service providers are required to take appropriate security measures to protect your personal data.
- DATA RETENTION
- We will only hold data about you for as long as necessary, bearing in mind the purpose for which that data was collected, or as otherwise described in this Policy.
- To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
- SECURITY
- We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Services taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Service visitors and customers.
- In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal data transmitted, stored or otherwise processed by us.
- INTERNATIONAL DATA TRANSFERS
- We share your personal data within our group of companies. Where necessary, there are agreements in place to ensure that personal data is processed using appropriate safeguards that meet the requirements of data protection laws. Such appropriate safeguards may include standard data protection clauses adopted by a national data protection regulator and/or those approved by the European Commission, such as the European Commission’s standard contractual clauses, or other appropriate measures.
- If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this Policy, please let us know by emailing us at info@sophiemacpherson.com.
- CALIFORNIA RESIDENTS & CCPA
- If you are a California (USA) resident, as defined in Section 17014 of Title 18 of the California Code of Regulations, you have certain rights in respect of the personal information we hold about you.
- If you have questions or concerns about our privacy policies and practices, please contact us using the details set out at the end of this Policy.
- Please see above for:
- the date on which this Policy was last updated;
- categories of personal information collected about you in the last 12 months ;
- categories of sources from which the personal information was collected;
- purposes for collecting personal information;
- categories of third parties with whom we share personal information;
- categories of personal information we have disclosed within the last 12 months ; and
- specific pieces of personal information we hold on you .
- For the purposes of the CCPA, please be aware that (per the details above) we have disclosed for business purposes, but we have not sold, your personal information to third parties within the last 12 months.
- You can designate an authorised agent to make a request under the CCPA on your behalf. The authorised agent must submit proof that they have been authorised by you to act on your behalf and provide proof of their own identity.
- Where the CCPA applies, you have the right to:
- request access to your personal information;
- request deletion of your personal information; and
- not be discriminated against for exercising any of your rights under the California Consumer Privacy Act of 2018 (CCPA).
- To make a verifiable consumer request, please contact us by email at info@sophiemacpherson.com. We may verify your request by asking for proof of identity, such as your device ID and/or user ID.
- GENERAL
- If you follow a link from the Website to any third-party websites, you should be aware that those websites may have their own privacy policies. We do not accept any responsibility or liability for those websites. Please check the policies of any third-party websites before submitting any personal data to those websites.
- We may make changes to this Policy in the future, which will be posted on this page. You should check this page from time to time to ensure you are aware of any changes. Where appropriate we may notify you of changes by email.
- All questions, comments or enquiries should be directed to us. We will try to respond to you within 48 hours or otherwise within a reasonable time.
CONTACT US
E-mail: info@sophiemacpherson.com
Cookie Policy
Last Updated: [20] April 2023
Cookies (and equivalent devices in the context of mobile devices) are small text files that are placed on your computer or device by websites that you visit and mobile applications you use. They are widely used in order to make websites and applications work, or work more efficiently, as well as to provide information to the owners of the sites and apps. The below explains the main cookies we use in https://www.sophiemacpherson.com/ (the “Website”) and why.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website, use a shopping cart or make use of e-billing services.
- Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our Website. This enables us to personalise our content for you, greet you by name and remember your preferences.
- Targeting cookies. These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it more relevant to your interests.
You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
Cookie | Purpose | Duration | Type |
---|---|---|---|
_ga | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. | 2 years | Analytics |
_gat | The _gat cookie, installed by Google Analytics, is used by Google Analytics to throttle request rate. | 1 day | Analytics |
_gid | The _gid cookie, installed by Google Analytics, is used to generate statistical data on how | 1 day | Analytics |