AICA-UK Privacy Policy

AICA-UK is committed to protecting your privacy and to use information collected about you in accordance with the Privacy and Electronic Communications Regulations 2003, the Data Protection Act 1998 (DPA) and the General Data Protection Regulation 2018 (GDPR).

This privacy policy relates to information for which AICA-UK is the data controller and sets out how and why we obtain, use and protect personal information.

Who we are

The International Association of Art Critics (AICA) supports those engaged in writing and thinking about art through offering public programmes and membership benefits that include free access to museums across the globe. Established in 1950 and based in Paris, AICA is committed to promoting art criticism as a practice and to protecting the ethical and professional interests of its members. The UK Section of AICA (AICA-UK) comprises over 300 critics, art writers, curators and scholars throughout the country.

Our basis for processing your personal information and what we use it for

We hold personal data for a number of reasons, including to

  • keep a record of our members, their profiles, their correspondence and their subscriptions
  • offer membership to new applicants
  • send details of the organisation’s policies, activities and events to members
  • help members collaborate and work together
  • seek members’ views and comments
  • ensure we do not send unwanted information to members who have asked not to be contacted
  • fundraise and promote the interests of AICA-UK or AICA at home and abroad
  • share members’ contact details with the international office so that they can keep you informed about events and activities
  • track use of the website by members of the public
  • contact those who attend our events
  • manage our employees and volunteers
  • meet all legal obligations.

It is possible that we may need to disclose information about you when required by law, warrant, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to: investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; enforce our agreements with you; investigate and defend ourselves against any third-party claims or allegations; exercise or protect the rights and safety of AICA-UK or AICA.

What information do we collect?

The personal information that we collect about members includes:

  • name, title, aliases, date of birth, photographs
  • information about race, gender, ethnicity and sexual orientation (you have the right to decline to provide us with this information)
  • contact details including postal address, email address, telephone numbers and links to individual websites and social media accounts
  • any disability as defined by the Equality Act 2010
  • professional and personal data, including details of publications, submitted in connection with a membership application or renewal.

Paper copies of applications, including attached documentation, are stored in the publicly accessible Tate Archive, housed at Tate Britain in London. Electronic versions are shared with and retained by AICA.  

Our website lists all members and provides a form that allows members of the public to contact them indirectly. Members are invited to enhance their profile through the use of a photograph, a short text detailing their career and interests, and details of individual websites and social media accounts. We are not responsible for the accuracy of either the personal data or content provided in these profiles. Members accessing the ‘members only’ area of the website need to supply their name, email address and a password.

We may also gather and store information on those who participate in projects or attend our events, including names and email addresses.

We may also gather and store details of visits to AICA-UK’s website including traffic data, location data, operating system, browser usage, and resources accessed. To do this we use cookies, device information and internet protocol (IP) addresses to identify you and log your use. This helps us to understand engagement with our content, and the preferences of website users. When you visit or leave our website (including our plugins or cookies or similar technology on the sites of others), we may receive the URL of both the site you came from and the one you go to next. We may also get information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our website from a mobile device, that device may send us data about your location. Most devices allow you to prevent location data from being sent to us and we honour your settings.

We also retain data relating to employees, volunteers and role holders within the organisation. This may include personal data, references, citizenship and immigration status, CVs and financial information, including records of earnings and bank account numbers.

What is the legal basis for processing your personal data?

Most of our data is processed because it is necessary for our legitimate interests, or for the legitimate interests of a third party, though we always take into account your interests, rights and freedoms. Some of our processing is necessary for compliance with legal obligations, for example, as an employer. We may also process data if it is necessary for the performance of a contract or in compliance with a legal obligation.

Where your information is used other than in accordance with one of these legal bases, we shall first obtain your consent to that use.

How do we collect your information?

Members and new applicants formally agree to give us personal information and allow us to collect and make use of it in ways described in this Privacy Policy when applying to become a member.

Like most websites, ours uses cookies that record site use in order to help improve your experience. If you engage with us through the website, you consent to this privacy policy, including our use of cookies.

If you apply for a ticket to one of our events, we may assume that you consent to being contacted by us in the future with regard to similar events or news from the organisation.

Giving you control

We provide you with choices that allow you to opt out or control how we use and share your data. You have the right to check and delete information held about you. Please contact us to let us know your preferences.

You may choose to unsubscribe from most email notifications from the organisation, apart from essential updates or information about subscriptions.

This privacy policy may be updated from time to time and so you may wish to check it each time you submit personal information to AICA-UK. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use the website to submit personal information to the organisation. If material changes are made to the privacy policy we will notify members and the public by placing a prominent notice on the website.

How we keep your details safe and secure

Members’ personal data is held in the databases and systems of AICA-UK and the parent organisation AICA. We seek to hold your data securely. All officers and volunteers with the organisation who receive data and operate on the AICA-UK’s behalf receive appropriate guidance. We also monitor our systems for possible vulnerabilities and attacks.

Access to your data by those outside of the organisation is strictly controlled.

Sharing your personal data

Your personal data is treated as strictly confidential. It is shared with third parties only where necessary for the performance of certain relevant tasks or where you first give us your consent. As noted, we share data about our members with our parent organisation AICA, and we may also need to disclose your details to third parties:

  • if we run an event in partnership with another named organisation so that they can help us run the event.
  • in order to comply with any legal obligation to do so. This includes the police and other crime protection and detection agencies or regulatory bodies.
  • to our legal/financial advisors.
  • for the purposes of regulatory or inspection compliance.
  • to funding bodies
  • to service providers (for example, data processing and website services) acting in strict accordance with our instructions, and subject to confidentiality obligations. They may have access to your information as reasonably necessary to perform tasks on our behalf and are obligated not to disclose or use it for other purposes.

We do not sell personal details to third parties for any purpose nor will we share your personal data with any other organisations for marketing purposes.

Note that information about members is publicly accessible on our website.

How long do we keep your information?

We may retain information about members for a period of seven years after their relationship with us has come to an end. It is current best practice, for example, to keep financial records for a minimum of seven years to support HMRC audits. Some information may be held indefinitely for historical, statistical, research or legal purposes though, in general, we aim to keep data only for as long as it is needed. You have the right to require us to erase personal data. 

Your rights

By law you have a number of rights, including the right to:

  • obtain access to, and copies of, the personal data that we hold about you
  • require that we cease processing your personal data if the processing is causing you damage or distress
  • require us not to send you marketing communications
  • require us to correct the personal data we hold about you if it is incorrect
  • require us to erase your personal data
  • require us to restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal)
  • receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller
  • object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. The list of our members is, for example, a historical record which is maintained for posterity with the limited amount of information we require to achieve this.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Privacy Policy, we shall notify you, setting out the relevant purposes and processing conditions.  Where and whenever necessary, we shall seek your prior consent to the new processing.

Email disclaimer

The information in any e-mail (and/or document attached) sent by or on behalf of AICA-UK is confidential and may be legally privileged and/or contain copyright material of the organisation. The information is intended solely for the use of the named addressee. If you are not the named addressee of an email from AICA-UK, please notify the sender immediately and do not disclose, copy or distribute the contents to any other person. Whilst AICA-UK takes all reasonable precautions to ensure that its emails are virus free, no responsibility will be taken for viruses transmitted from its systems. 

Contact us

Please contact us if you have any questions or complaints about our privacy policy or information we hold about you. Email us at secretary@aicauk.org or write to us at 89 Great Russell Street, London WC1B 3PS.

You also have the right to make a complaint direct to the UK’s data protection authority, the Information Commissioner’s Office (ICO). The ICO can be contacted at: https://ico.org.uk/global/contact-us/.

Last updated: January 2020