Key Definitions and Facts

In accordance with General Data Protection Regulation 2018, Peshkar (Company Limited by Guarantee No. 3918088 and a Charity in England and Wales No. 1091092)is a Data Controller.

Registered Office
The Old Museum,
Greaves Street,
Oldham,
OL1 1DN

The Data Protection Officer for the organization is Steph Meskell-Brocken. She should be contacted on steph@peskar.co.uk for any enquiries regarding Data Protection or requests for Data.

Peshkar collects Data on Participants, Staff members (including freelance staff), Board Members and partner contacts.

Staff, Board Member and Partner data is collected under the basis of Legitimate Interest.

Participant data, including photographic and video footage is collected on the basis of Consent.

Peshkar collects the following Data as part of our regular monitoring procedures:

This Data is collected in the following ways:

Data is shared with funders on receipt of requests for monitoring information. These funders include but are not limited to Arts Council England, Heritage Lottery Fund, Oldham Council and British Council (administering Erasmus and Creative Europe).

Peshkar works in partnership with other organisations across the charities sector and, as such, will sometimes need to share data with these organsiations for the purposes of creating artworks, marketing and promoting projects and reporting to funders. When this is the case, data sharing agreements will be drawn into the partnership contracting procedure.

Data Processing

Peshkar uses Google as its email and cloud client. Data is held via Google Drive in secure files. Only those which do not contain Sensitive Personal Data are shared across the staff team. Google is GDPR compliant and has published details of its compliance here https://www.google.com/cloud/security/gdpr/

Peshkar occasionally uses other clients such as Mailchimp and Eventbrite as a ways of communicating with audiences. Both these are GDPR compliant. An outline of Mailchimp’s compliance tools can be found here https://blog.mailchimp.com/gdpr-tools-from-mailchimp/and Eventbrite’s can be found here https://www.eventbrite.co.uk/support/articles/en_GB/Troubleshooting/eventbrite-eu-data-protection?lg=en_GB

Peshkar hosts photographic images on Flickr (photographic permissions are sought from all participants) and video footage via Youtube (a Google service and, therefore covered by their policies).

Peshkar artists also make use of Dropbox to host imagery from workshops and projects. This may occasionally include photographic or video images of participants. Dropbox’s compliance information can be found here https://www.dropbox.com/en_GB/security/GDPR.

Image Processing and Social Media

Peshkar uses imagery and videos to promote projects on Social Media. Peshkar’s social media channels are Facebook, Twitter and Instagram. Peshkar takes the following safeguards regarding data shared via Social Media

Peshkar holds all data for a maximum of five years on inactivity. After this point, records of participants, staff and board members including photo and video records, evaluation and forms are deleted and shredded (if held in hard copy). If it is deemed that an individual is of worth to the organization as a contact after five years inactivity has lapsed, Peshkar may contact this person to seek their consent to retain their data.

Any individual coming into contact with Peshkar has the following rights over their Data:

The exercising of any of these rights can be undertaken through contacting the Data Protection Officer. Any requests will be dealt with in 30 days or less according to the guidance of the Information Commissioner’s Office.

Any complaints or concerns regarding data protection at Peshkar can be raised with the Data Protection Officer named above or, in the worst case scenario, with the Information Commissioner’s Office (www.ico.org.uk).

Peshkar carries out Privacy Risk Assessments on all its data. This process is undertaken by the Data Protection Officer and overseen by the Trustee responsible for Data and Safeguarding. Data reports are made to the Board of Trustees at every meeting.