Graft Data Privacy Notice

What data do we collect?

We collect the names, addresses, email addresses and phone numbers of people and organisations who book workshops or murals with us. We also collect the names and email addresses of people who have asked to be contacted about upcoming public workshops.


What do we use the data for?

We use the information about our clients in order to contact them about their booking. We also use it as a record of the bookings we have taken over the tax year, when we come to do our tax return. We have a mailing list of people who want to hear about upcoming workshops, and we use this to contact them when we have a new workshop coming up.


How do we store the data?

We have an Excel spreadsheet listing the contact details of our clients, along with the price they paid, when they paid, and the details of the workshop. This is password protected. We have a Word document listing those who have asked to join our mailing list. This is also password protected. We have reviewed this mailing list by asking people to opt in if they want to stay informed, and we will review it at regular intervals. Documents are saved on a laptop and Dropbox account (password protected). Clients, and those on the mailing list, can request that we delete their personal data at any time, and we will do so. We also sometimes print out booking forms sent by email, but these are destroyed by shedding once the workshop has passed.


How long do we keep the data?

We keep the booking information for 10 years, to tie in with our invoice and tax records, in case we need to refer back to past bookings and payments, or contact a client. We keep mailing list details until that person has booked onto a public workshop, or until they ask not to receive future emails. We will ask people on the mailing list if they wish to continue receiving emails at least once a year.


Who do we share data with?

We do not share personal data with anyone else and would not do so unless we were required to do so to comply with a legal investigation.


Clients’ rights

We will make our clients aware of these potential uses of their data when they book with us or join our mailing list. Clients have the right to ask us about what data we hold, and/or to ask us to safely destroy our records of their personal data at any time.


Please contact us with any questions regarding data by emailing us on


Cookie Policy

We host our website on and a number of security and tracking cookies are monitored. You have the right to know and decide whether you want this data to be collected.


  1.  About Cookies

1.1 A cookie is a file containing a string of letters and numbers that is sent by a web server to a web browser and it is then stored by the browser. This string of letter and numbers is then sent back to the server each time the browser requests a page from the server.

1.2 Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie remains valid until its set expiry date and is stored on your computer (unless deleted by the user before the expiry date). A session cookie will expire at the end of a browsing session, when the web browser is closed.

1.3 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.


2. Cookies that we use

2.1 We use cookies for the following purposes:

(a) authentication - cookies help to tell us when you visit our website and what type of device you use to access our site.

(b) security -  cookies form an important part of our security measures and they help to prevent the fraudulent use of login credentials and to protect our website.

(c) analysis - cookies help us to analyse the performance of our site.

(d) cookie consent - we use cookies to let us know your cookie preferences.

(e) Status - on our store we need to use cookies to be able to add things to the cart and to manage the buying process.


3. Cookies used by our service providers

3.1 Our website provider uses cookies and those cookies may be stored on your computer when you visit our website.​

3.2 Our website is built and hosted on the Wix and Wix applications use cookies and they are implemented in every site built by Wix. 

svSession, Permanent, Creates activities and BI

hs, Session, Security

incap_ses_${Proxy-ID}_${Site-ID, Session, Security

incap_visid_${Proxy-ID}_${Site-ID},  Session , Security

nlbi_{ID} , Persistent cookie, Security

XSRF-TOKEN, Persistent cookie, Security


​4. How do I change my cookie settings?

4.1 You can edit your cookie settings in your web browser settings.

4.2 Blocking all cookies will inhibit you from buying anything in our store and will have a negative impact on using most websites.


Sophie Higgins Wheeler – Data Controller and Data Processor for Graft and Robert Wheeler, co-founder of Graft


20th April 2020