Legal

Privacy Policy

This Privacy Policy explains how Mindful Art Workshops (“we”, “our”, “us”) collects, uses, shares and protects personal data when you visit this website, contact us, subscribe to updates, or purchase workshop tickets.

Last updated: 18 February 2026

1. Data Controller

Mindful Art Workshops is the controller of your personal data for the activities described in this policy. If you have questions about this policy or your data, contact us at info@artescape.ie.

2. Personal Data We Collect

• Contact details: name, email address, and any details you include in messages.
• Newsletter details: name (optional), email address, consent status, and source of sign-up.
• Booking details: name, email address, workshop selected, ticket quantity, amount, currency and payment status.
• Technical data: limited log and request data processed by our hosting and service providers for security and reliability.

3. How We Use Personal Data and Legal Bases (GDPR Art. 6)

• To respond to enquiries — legitimate interests (Art. 6(1)(f)).
• To manage workshop bookings and confirmations — performance of a contract (Art. 6(1)(b)).
• To process payments — performance of a contract (Art. 6(1)(b)); payment is handled by Revolut.
• To send newsletters and updates — your consent (Art. 6(1)(a)); you can withdraw consent at any time.
• To maintain security and prevent abuse — legitimate interests (Art. 6(1)(f)).
• To comply with legal obligations — legal obligation (Art. 6(1)(c)), where applicable.

4. Data Sharing and Processors

We do not sell personal data. We share data only where necessary with trusted processors, including:

• Netlify (website hosting, serverless functions, form processing);
• Revolut (payment processing);
• Postmark (newsletter and transactional email delivery);
• Cloudflare Stream (secure video delivery where enabled);
• Neon (database hosting for booking and ticket records).

Some providers may process data outside the UK/EEA. Where this happens, we rely on appropriate safeguards, such as adequacy decisions or standard contractual clauses, where required.

5. Data Retention

• Newsletter data: kept until you unsubscribe or withdraw consent.
• Booking and transaction records: retained for operational, legal and accounting needs.
• Support/contact messages: retained only as long as necessary to handle your request and related follow-up.

6. Your GDPR Rights

Subject to applicable law, you may request:

• access to your personal data;
• correction of inaccurate data;
• erasure of your data;
• restriction of processing;
• data portability;
• objection to processing based on legitimate interests;
• withdrawal of consent at any time (for consent-based processing).

To exercise your rights, email info@artescape.ie. You also have the right to lodge a complaint with your local data protection authority.

7. Cookies and Tracking

We currently do not use advertising cookies. If analytics or additional cookies are introduced, this policy and any required consent notices will be updated accordingly.

8. Data Security

We use reasonable technical and organisational measures to protect personal data from unauthorised access, misuse, loss, disclosure, or alteration.

9. Children

Our services are not intentionally directed at children under 16 without parent/guardian involvement. If you believe a child has provided personal data improperly, contact us and we will review and remove it where appropriate.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a revised “Last updated” date.