D Griff Gallery EU GDPR Policy Summary. Updated 31st July 2018.

D Griff Gallery has implemented an ongoing process to ensure GDPR compliance since May 2018.


  • I will only retain your first name and email address; no other personally identifiable information is held.
  • Your email address is used solely to send you periodic newsletter emails to update you on my activities.
  • I will not send any advertising or promotional materials to you.
  • Your information is retained on a secure, encrypted server and will never be used other than for the above stated purpose.
  • Your data will never be passed to any third party whatsoever.
  • You may unsubscribe at any time with immediate effect by clicking on the “Unsubscribe” link which appears at the foot of all emails sent to you.
  • Alternatively you may use this website’s contact form to request we delete your data. This will be actioned promptly and confirmed to you when done.

I support and fully acknowledges my responsibilities under the EU General Data Protection Regulation (GDPR) which came into force in May 2018. 


The EU GPDR enforces key principles to protect the individual and their personally identifiable information (PII).

Lawful: Any data processing must meet the tests described in GDPR [article 5, clause 1(a)].

Transparent: A clear and concise definition of what data processing will be done.

Fair: All processing carried out must conform with how the processing has been described.

Minimised: Only store the minimum amount of data for the required purpose.

Accurate: Ensure data is accurate.

Limited: Store data no longer than is necessary, and delete data permanently if requested by the subject.

Confidential: Ensure data is held securely and, if stored in “the cloud” it is encrypted by default. 

The Information Commissioner’s Office (ICO) can audit any organisation to assess whether they are compliant or not.

For further information on GDPR please click here