David Mankin – Privacy Policy

David Mankin and Your Information

David Mankin takes your privacy very seriously.
 

For data protection purposes, David Mankin is the Data Controller for the personal information described in this policy. If a registration with the Information Commissioner’s Office (ICO) is required, the registration number will be available via the ICO public register.
 

If you have any questions, or if you would like to make a request about your personal information, please contact  info@david-mankin.com.
 

David Mankin is permitted to collect, use, store, and share information about you for the performance of a contract, to meet legal obligations, and for legitimate interests relating to running and promoting the studio and artworks. Where required, we will ask for your consent.

​

We do not transfer your personal information outside of the UK.

 

Collecting Your Information

We collect information about you either directly – when you subscribe to the website, make an enquiry, or purchase artwork – or indirectly through functional cookies on our website.

 

The information we collect is stored on electronic systems and may include:

Personal Data:

• Names and contact details (such as your email address).

• Purchase or account history (for example, records of artwork purchased or enquiries made).

​

Sensitive Personal Data:

We do not intentionally collect special category (sensitive) personal data. Please avoid sharing this type of information unless it is necessary and you are comfortable doing so.

 

Using Your Information

We use your information in the following ways:

• To respond to enquiries and provide services or goods, including delivery of artwork.

• To manage orders, payments, and customer support.

• To keep accurate business records for legal, tax, and accounting purposes.

• To send service updates or relevant news about paintings and studio work to people who subscribe to the website or opt in to receive communications.

• To improve our website, services, and customer experience.

• We only use your information where we have a lawful basis to do so – see below.

 

Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases:

 

Performance of a Contract

Where you purchase artwork or request a service, we process your information so we can fulfil that order and provide what you’ve asked for.

 

Legitimate Interests

We process some information because it helps us run and grow the business in a fair and expected way, without overriding your rights. For example:

 

• Maintaining a subscriber list for people who want updates about new paintings and studio news.

• Promoting and improving our work, services, and website.

 

Legal Obligation

We retain and use relevant information to comply with legal requirements such as financial record-keeping and tax rules.

 

Consent (where required)

Where the law requires consent – for example, certain types of marketing or non-essential cookies – we will ask you clearly and you can withdraw consent at any time.

 

Sharing Your Information

David Mankin works hard to ensure that only the right people have access to your information.

​

We use the following system to deliver our services:

 

• Website Provider / Customer Data System: Wix

 

We do not share personal information with third parties who are not involved in providing services to us, unless we are legally required to do so. This may include:

 

• Sharing with the police or other authorities for crime prevention or detection.

• Sharing in the wider public interest, such as safeguarding.

• Sharing under a court order.

 

Information Rights

 

Data protection law gives you rights over your information, and we are committed to supporting them:

• Right to Access: You can ask for a copy of the personal information we hold about you.

• Right to Object: You can object to certain uses of your information, including marketing.

• Right to Withdraw Consent: Where we rely on consent, you can withdraw this at any time.

• Right to Correction: You can ask us to correct inaccurate or incomplete information.

• Right to Erasure: You can ask for your information to be deleted where there is no valid reason for us to keep it.

• Right to Portability: You can request your information in a usable format and ask us to transfer it to another organisation where appropriate.

​

To exercise your rights, contact info@david-mankin.com.
 

Protecting Your Information

We protect your data by:

• Restricting access to personal information to authorised people only.

• Using secure, password-protected systems.

• Keeping the amount of data collected to what is necessary.

• Reviewing how we handle personal data to ensure good practice continues.

 

Storing Your Information (Retention)

We keep information only as long as necessary for its purpose. Typical retention periods are:

 

• Customer Enquiries and Correspondence: kept for up to 3 years after last contact, in case you return or to resolve any follow-up issues.

• Purchase and Transaction Records: kept for 6 years to comply with HMRC and accounting requirements.

• Website Subscribers / Mailing List: kept until you unsubscribe or ask to be removed.

• Website Analytics / Functional Cookie Data: retained in line with Wix settings and industry norms, and not used to identify you unnecessarily.

​

If something needs to be kept longer (for example, due to a legal claim), we will retain it only for as long as required.

  

Complaints

You have the right to raise concerns about how your information is used. Please contact us in the first instance at info@david-mankin.com, and we will do our best to resolve the issue. You can also complain to the ICO.

 

Profiling or Automated Decision-Making

David Mankin does not use automated decision-making or profiling in relation to your personal information.