Privacy Policy
Liverpool Independent Art School
Occasionally our tutors may ask you if you would like to stay in touch with them personally. You are under no obligation to supply your personal information to our tutors and if you choose to do so then the Tutor becomes the data controller for that data.
Fair Processing and Privacy Notice
Data Controller – Liverpool Independent Art School
Contact Details regarding Data Protection Enquiries:
Tony O’Connell
LIAS’s Commitment To Your Privacy
This policy explains how we collect, use and store your information. We aim to only use your information in a way that you are comfortable with. Keeping your information secure is important to us.
We will ensure we meet all information protection legal requirements when handling any of your personal information.
Who is the controller of your personal data?
Liverpool Independent Art School is the controller of the personal data you submit to us and responsible for your personal data under applicable data protection law.
Where do we store your data?
We store the data that we collect from you within the UK and European Economic Area (“EEA”) but may also be transferred to and processed in a country outside of the EEA. Some cloud based companies we use for processing data are based in the US. Any such transfer of your personal data will be carried out in compliance with applicable laws.
For transfers outside the EEA, LIAS will use Standard Contractual Clauses and Shields as safeguards for countries without adequacy decisions from the European Commission.
Who can access your data?
We never sell your data to third parties.
We have contracts in place with third party processors so we know that they are compliant with GDPR and or US Privacy Shield
We forward your personal data to third parties to provide you with services outlined in the different categories below. This includes our email platforms, a web app for hosting online courses and our customer relationship management (CRM) system to send your order confirmation and communications. We use secure payment service providers for your payment. No credit or debit card information is held by LIAS. We store transaction and communication information on our cloud based CRM system as well as cloud-based file storage for bookkeeping purposes.
What is the legal ground for processing?
Lawful basis for processing data is covered under one of the following 6 reasons and this is explained in each chapter below. We must have one of these lawful reasons before we can process your personal data:
(a) Consent: clear consent for us to process your personal data for a specific purpose not covered by the other lawful basis listed below.
(b) Contract: the processing is necessary for a contract you have with us
(c) Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).
(d) Vital interests: the processing is necessary to protect someone’s life.
(e) Public task: the processing is necessary for us to perform a task in the public interest or official functions, and the task or function has a clear basis in law.
(f) Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect an individual’s personal data which overrides those legitimate interests.