Privacy Policy

Privacy Statement

Biglook is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.

It is the intention of this privacy statement to explain to you the information practices of Biglook in relation to the information we collect about you.

For the purposes of the GDPR the data controller is;

Fintan O'Byrne
Rose Cottage
Annestown
Co. Waterford
X91 Y2W0

You can email us at [email protected]

In this document “we”, “our”, or “us” refer to Biglook. Please read this statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Who are we?

Biglook is an online platform which offers online art courses and mentorship programmes.

Accuracy of your personal data

Please keep us up to date with any changes to your personal data, this allows us to ensure that your personal data is kept accurate and up to date.

Personal data

Personal data refers to any information relating to an identified or identifiable natural person (Data Subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular in reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

In order for us to provide a service to you, we require certain information about you that is classed as personal information.

We may collect and process the following information:

• Personal identifiers, contacts and characteristics (for example, name, address, email and contact number, IP addresses, Student numbers)
• Payment information: financial information such as bank account or credit card information in order to facilitate the processing of payments
• Any information provided to us on your behalf to allow us to carry out our service to you

We ask that you do not provide any sensitive personal data (eg gender, height, weight, medical information, religion, philosophical or political beliefs, financial data) in job applications

We ask you to provide only the information that is necessary to submit a query to our website on our services.

We do not collect special categories of personal data about you. Special categories of personal data are as follows:

Racial origins, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic or biometric data, criminal convictions, or offences

Should you apply to work at Biglook, we collect personal information from you such as;

• Name
• Contact Details
• CV’s education and employment history

When you visit our website

We use a third party platform to host our learning management system called Thinkific, the privacy policy of which is available here;

https://www.thinkific.com/privacy-policy/

How we collect your data

How we get the information and why we have it

Direct interactions

You may provide us with your personal information when you;

• fill in the query form on our website
• use our LMS
• correspond with us via email, phone or otherwise
• meet with us on a one-to-one and provide us with your business card, for example
• send your cv to us in order to apply for work

Cookies

We collect cookies or similar tracking technologies. This means information that our website’s server transfers to your computer. This information can be used to track your session on our website. Cookies may also be used to customise our website content for you as an individual. If you are using one of the common Internet web browsers, you can set up your browser to either let you know when you receive a cookie or to deny cookie access to your computer.

• We use cookies to recognise your device and provide you with a personalised experience.
• We also use cookies to attribute visits to our websites to third-party sources and to serve targeted ads from Google, Facebook, Instagram and other third-party vendors.
• Our third-party advertisers use cookies to track your prior visits to our websites and elsewhere on the Internet in order to serve you targeted ads. For more information about targeted or behavioural advertising, please visit https://www.networkadvertising.org/understanding-online-advertising.
• Opting out: You can opt out of targeted ads served via specific third-party vendors by visiting the Digital Advertising Alliance’s Opt-Out page.
• We may also use automated tracking methods on our websites, in communications with you, and in our products and services, to measure performance and engagement.
• Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Web Analysis Tools

We may use web analysis tools that are built into the Biglook website to measure and collect session information that help us improve our service and support to customers.

Legal Basis

We are required to determine the legal basis for which we process different categories of your personal information, and to notify you of the basis for each category. If we receive information about you from a third party in error and/or we do not have a legal basis for processing that information, we will delete your information.

Most of the personal information we process is provided to us directly by you for one of the following reasons:

Information we process because we have a contractual obligation with you.

In order to carry out our obligations under that contract we must process the information you give us. Some of this information may be personal information.

We may use it for the purpose of:

• setting up your account as a client with us
• liaising with you
• providing you with our services
• providing you with suggestions and advice on products, services and how to obtain the most from using our website
• processing and ensuring payment of invoices

We process this information on the basis there is a contract between us, or that you have requested we use the information before we enter into a legal contract

Additionally, we may aggregate this information in a general way and use it to provide class information, for example to monitor our performance with respect to a particular service we provide. If we use it for this purpose, you as an individual will not be personally identifiable.

We may share this information with third parties in order to process the purchasing transaction of our services. These companies must also adhere to the same data protection legislation. If you would like further information about the identities of our service providers please contact us directly by email.

We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.

Information we process for the purposes of legitimate interests

We may process information on the basis there is a legitimate interest, either to you or to us, of doing so. Where we process your information on this basis, we do so after having given careful consideration to:

• whether the same objective could be achieved through other means
• whether processing (or not processing) might cause you harm
• whether you would expect us to process your data, and whether you would consider it reasonable to do so

For example, we may process your data on this basis for the purpose of;

• necessary administration of our business – for example, creating your client account or setting up a student profile
• responding to unsolicited communication from you which we believe you would expect a response
• Where you have enquired about a course and we are following up on the information provided
• processing payments and invoices
• preparing for a job interview with you

Information we process because we have your consent

Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide with more information about our business, including job opportunities, our products and services, you provide your consent to us to process information that may be personal information.

Wherever possible, we aim to obtain your explicit consent to process this information, for example by asking you to agree to our use of cookies.

Sometimes you might give your consent implicitly, such as when you send us a message by email to which you would reasonably expect us to reply.

You may also provide consent to have your data used in order to receive information such as our newsletter, if available or as part of a user research survey.

Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally.

We continue to process your information on this basis until you withdraw your consent, or it can be reasonably assumed that your consent no longer exists.

You may withdraw your consent at any time by instructing us at [email protected]

Information we process because we have a legal obligation

We may be required to give information to legal authorities if they so request and subject to the correct authorisation

We also may be required to process your data in order to comply with common or statutory law

What we do with the information

• verify your identity for security purposes
• process financial transaction
• sell products to you
• provide you with our services
• keep our website safe and secure

If there are any regulatory requirements to process your personal data whilst carrying out any of the above, we are obliged to do so.

We may share your personal data with selected business associates, suppliers and contractors to

provide you with our services. For example, these business partners may include our web hosting provider and our IT Cloud service providers.

In the event that we buy or sell any business or assets, it may be necessary to disclose personal data

to the prospective buyer or seller

How long we hold your information

We keep your information for no longer than it is required or allowed. For information on the time periods your data is held for please contact us on [email protected]

Data Transfers

In some circumstances it may be necessary for us to transfer your data outside the European Economic Area (EEA). We will only transfer data to receivers that are in countries approved by the EU Commission, or where there are the appropriate safeguards in place to protect your personal data. For further information on these appropriate safeguards, please email [email protected]

Security

There are appropriate security measures in place to protect your data in the event of being accidentally lost or accessed without authorisation including;

Your data is also limited to only the necessary parties that need to process your data for business purposes.

Using secure servers to store your information

Verifying the identity of any individual who requests access to information prior to granting them access to information

Using secure sockets layer (SSL) software to encrypt any payment transactions you make on or via our website which are set by standards set by PCI-DSS as managed by the PCI Security Standards Council.

Using encryption to secure personal data

Only transferring your information via closed system or encrypted data transfers*

*transmission of information over the internet is not entirely secure, and if you submit any information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk.

We cannot be responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.

Who we are sharing your data with

We may pass your personal data on to third party service providers contracted to Biglook in the course of dealing with you in order to provide our services to you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. These third party service providers such as payment gateways and other payment transaction processers, have their own privacy policies in respect to the information and you may read their privacy policies so you can understand the manner in which your personal information will be handled.

We have reviewed all third parties we share your data with to ensure they are aware of their responsibilities under the GDPR.

Payments

If you make a purchase on our site, we use third party payment processor Stripe. Payments are encrypted through the payment card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction or for the purpose of maintaining a recurring payment.

Data Transfers

Your data protection rights

Under data protection law, you have rights including:

• Your right of access – You have the right to ask us for copies of your personal information
• Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete
• Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances
• Your right to object – You have the right to ask us to stop processing your personal data for profiling or direct marketing
• Your right to restriction of processing – You have the right to object to the processing of your personal data in certain circumstances
• Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have

one month to respond to you. Exemptions may apply if the information requested is considered excessive or repetitive.

Please contact us at [email protected] if you wish to make a request.

How to complain

You can also complain to the Data Protection Commission if you are unhappy with how we have used your data.

The Data Protection Commission address:

21 Fitzwilliam Square South
Dublin 2
D02 RD28

Privacy Policy statement changes

Biglook may change this policy from time to time. When such a change is made, we will post a revised version online. Changes will be effective from the point at which they are posted. It is your responsibility to review this privacy policy periodically, so you are aware of any changes. By using our services, you agree to this privacy policy.