AICA-UK is committed to protecting your privacy and to use information collected about you in accordance with the Privacy and Electronic Communications Regulations 2003, the Data Protection Act 1998 (DPA) and the General Data Protection Regulation 2018 (GDPR).
Who we are
The International Association of Art Critics (AICA) supports those engaged in writing and thinking about art through offering public programmes and membership benefits that include free access to museums across the globe. Established in 1950 and based in Paris, AICA is committed to promoting art criticism as a practice and to protecting the ethical and professional interests of its members. The UK Section of AICA (AICA-UK) comprises over 300 critics, art writers, curators and scholars throughout the country.
Our basis for processing your personal information and what we use it for
We hold personal data for a number of reasons, including to
- keep a record of our members, their profiles, their correspondence and their subscriptions
- offer membership to new applicants
- send details of the organisation’s policies, activities and events to members
- help members collaborate and work together
- seek members’ views and comments
- ensure we do not send unwanted information to members who have asked not to be contacted
- fundraise and promote the interests of AICA-UK or AICA at home and abroad
- share members’ contact details with the international office so that they can keep you informed about events and activities
- track use of the website by members of the public
- contact those who attend our events
- manage our employees and volunteers
- meet all legal obligations.
It is possible that we may need to disclose information about you when required by law, warrant, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to: investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; enforce our agreements with you; investigate and defend ourselves against any third-party claims or allegations; exercise or protect the rights and safety of AICA-UK or AICA.
What information do we collect?
The personal information that we collect about members includes:
- name, title, aliases, date of birth, photographs
- information about race, gender, ethnicity and sexual orientation (you have the right to decline to provide us with this information)
- contact details including postal address, email address, telephone numbers and links to individual websites and social media accounts
- any disability as defined by the Equality Act 2010
- professional and personal data, including details of publications, submitted in connection with a membership application or renewal.
Paper copies of applications, including attached documentation, are stored in the publicly accessible Tate Archive, housed at Tate Britain in London. Electronic versions are shared with and retained by AICA.
Our website lists all members and provides a form that allows members of the public to contact them indirectly. Members are invited to enhance their profile through the use of a photograph, a short text detailing their career and interests, and details of individual websites and social media accounts. We are not responsible for the accuracy of either the personal data or content provided in these profiles. Members accessing the ‘members only’ area of the website need to supply their name, email address and a password.
We may also gather and store information on those who participate in projects or attend our events, including names and email addresses.
We also retain data relating to employees, volunteers and role holders within the organisation. This may include personal data, references, citizenship and immigration status, CVs and financial information, including records of earnings and bank account numbers.
What is the legal basis for processing your personal data?
Most of our data is processed because it is necessary for our legitimate interests, or for the legitimate interests of a third party, though we always take into account your interests, rights and freedoms. Some of our processing is necessary for compliance with legal obligations, for example, as an employer. We may also process data if it is necessary for the performance of a contract or in compliance with a legal obligation.
Where your information is used other than in accordance with one of these legal bases, we shall first obtain your consent to that use.
How do we collect your information?
If you apply for a ticket to one of our events, we may assume that you consent to being contacted by us in the future with regard to similar events or news from the organisation.
Giving you control
We provide you with choices that allow you to opt out or control how we use and share your data. You have the right to check and delete information held about you. Please contact us to let us know your preferences.
You may choose to unsubscribe from most email notifications from the organisation, apart from essential updates or information about subscriptions.
How we keep your details safe and secure
Members’ personal data is held in the databases and systems of AICA-UK and the parent organisation AICA. We seek to hold your data securely. All officers and volunteers with the organisation who receive data and operate on the AICA-UK’s behalf receive appropriate guidance. We also monitor our systems for possible vulnerabilities and attacks.
Access to your data by those outside of the organisation is strictly controlled.
Sharing your personal data
Your personal data is treated as strictly confidential. It is shared with third parties only where necessary for the performance of certain relevant tasks or where you first give us your consent. As noted, we share data about our members with our parent organisation AICA, and we may also need to disclose your details to third parties:
- if we run an event in partnership with another named organisation so that they can help us run the event.
- in order to comply with any legal obligation to do so. This includes the police and other crime protection and detection agencies or regulatory bodies.
- to our legal/financial advisors.
- for the purposes of regulatory or inspection compliance.
- to funding bodies
- to service providers (for example, data processing and website services) acting in strict accordance with our instructions, and subject to confidentiality obligations. They may have access to your information as reasonably necessary to perform tasks on our behalf and are obligated not to disclose or use it for other purposes.
We do not sell personal details to third parties for any purpose nor will we share your personal data with any other organisations for marketing purposes.
Note that information about members is publicly accessible on our website.
How long do we keep your information?
We may retain information about members for a period of seven years after their relationship with us has come to an end. It is current best practice, for example, to keep financial records for a minimum of seven years to support HMRC audits. Some information may be held indefinitely for historical, statistical, research or legal purposes though, in general, we aim to keep data only for as long as it is needed. You have the right to require us to erase personal data.
By law you have a number of rights, including the right to:
- obtain access to, and copies of, the personal data that we hold about you
- require that we cease processing your personal data if the processing is causing you damage or distress
- require us not to send you marketing communications
- require us to correct the personal data we hold about you if it is incorrect
- require us to erase your personal data
- require us to restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal)
- receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller
- object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. The list of our members is, for example, a historical record which is maintained for posterity with the limited amount of information we require to achieve this.
The information in any e-mail (and/or document attached) sent by or on behalf of AICA-UK is confidential and may be legally privileged and/or contain copyright material of the organisation. The information is intended solely for the use of the named addressee. If you are not the named addressee of an email from AICA-UK, please notify the sender immediately and do not disclose, copy or distribute the contents to any other person. Whilst AICA-UK takes all reasonable precautions to ensure that its emails are virus free, no responsibility will be taken for viruses transmitted from its systems.
You also have the right to make a complaint direct to the UK’s data protection authority, the Information Commissioner’s Office (ICO). The ICO can be contacted at: https://ico.org.uk/global/contact-us/.
Last updated: January 2020