As part of your journey to GDPR compliance you’ll need to update your privacy notice (or create one if you don’t have a policy already).

Your privacy notice usually sits on your website, and you can link to it when you’re asking people to subscribe to your newsletter or enter their booking details.

The Information Commissioners have issued some of their harshest penalties for non-notification. Your privacy notice is a way for you to inform your audience on what data you collect, what you do with it, and why.

It’s a chance for you to build that relationship of trust with your audiences, and present yourself as an open and honest organisation. These are qualities that set the arts, culture, and heritage sector apart from the commercial sphere – so we should be emphasising them as much as we can.

Best of all – this is an easy win. It doesn’t take long to create, and it doesn’t have to be a wordy or complex document. In fact, the ICO encourages you to keep it simple.

Download this free toolkit to create your own GDPR compliant privacy notice. We’ll provide a real-life example for each section, along with a text box for you to fill in the information about your own organisation.

Get Personalised GDPR Support

If you have a question that isn’t answered above, you can leave us a comment below and we’ll do our best to answer. We’re also offering bespoke GDPR workshops for cultural organisations for £150 + VAT, so please drop Úna an email if you’re interested.

Note: This is intended to provide an overview of GDPR and is not a definitive statement of the law.

For a definitive guide, check out the Information Commissioner’s Office website.