Privacy Policy

Effective:   December 13, 2016

SCOPE 

Welcome to the Sotheby’s group of companies (Sotheby’s or “we”).  From its beginnings in 1744, Sotheby’s has built its business on the trust of its customers, clients and visitors.  We endeavor to understand their interests in art and, at the same time, protect their privacy.  Those values remain essential to us even as we have grown into a global network of offices in approximately 40 countries.  Sotheby’s publishes this Privacy Policy to let you know how we will continue to collect, use and protect information in a digital age.

This Policy covers information that you give us when you bid or purchase something from us or consign art work or other goods to us, register for or attend any of our live events around the world, visit or register for any of our Sotheby’s branded websites or apps, sign up for any of our print or online publications or newsletters or publish information on Sotheby’s pages on social media platforms.  We will publish a link to the Policy at the bottom of online properties to which it applies and as often as possible, will include its url, http://www.sothebys.com/en/pp.html paper forms to which it is applicable.    

Please note that we may offer you online auction opportunities in two ways:  First, you may bid on Sotheby’s own auction platform.  Data about you will be collected and used according to this Policy and our Cookie Policy as published on those sites or apps.  We may also arrange for other companies’ auction sites to allow you to participate in our auctions/bid for Sotheby’s items from their sites.  The other companies may collect data about you and your participation according to their respective privacy policies.  Those other companies will transfer data about you to us to fulfil successful bids and we may also use that data in any manner consistent with this Privacy Policy.  We recommend that you take a moment to ascertain whether you are on another company’s auction site and review the posted privacy policy applicable to that site.

INFORMATION THAT IDENTIFIES YOU

We rely on the information you provide to us or that we collect or observe about your individual interactions with us for example, if you attend a live event, participate in one of our auctions or become a client, or register online.  If you have registered with us online, we use data collection technologies to collect information that indicates your individual interests in our websites, online platforms and apps and your response to our emails and marketing campaigns.   We may add public information about you from external sources, including social media. 

We may work to expand our customer base by acquiring names and contact data from other sources.

DATA COLLECTION TECHNOLOGIES

We may use common data collection technologies as you visit our websites or apps:

– Our logs gather date, time, information about your browser and system or device configuration and an IP address for all visitors to our sites.  We use this information for our internal security purposes, for trend analysis and system administration and to gather general information about our audiences and their geographic locations.

    - Cookies can also read and collect data about your browsers as you visit our websites:  Please read our Cookie Policy for more detailed information about what cookies are, what kinds are used on our sites and what choices you have.

    - In general, our app will funnel data you provide about yourself, for example, registration or bidding data, back to our data bases and systems.  An app may however, rely on other data collection technologies to recognize the device you use for viewing and personalize your experience. If our app relies on additional data collection technologies that collect or use data about individual users, we will include additional notice either within the app or in a policy that accompanies it.

    - We also use and allow certain other companies to use technologies that are similar to cookies (for example pixels and gifs) when we send you email.  This helps support the delivery of internet based content and advertisements to you.

We may make video recordings of our auctions and certain live events.

HOW SOTHEBY’S USES INFORMATION ABOUT YOU

Sotheby’s uses data about you for the following purposes:

– To manage and assure the integrity of our auctions.

– To fulfill your orders, provide the services and information you request and manage your account and relationship with us.

–  To send you information about upcoming events and content that you may be interested in.

– To improve our website and services.

–  To match online ads to your interests, to arrange for Sotheby’s and other companies’ ads , ours and other companies’, to reach you after you have left our sites and to help advertisers show you ads that are more relevant to your interests.

– To expand our online audiences.

–  For any other purpose that we tell you about specifically when you register or provide data about yourself to us.                 

WHEN SOTHEBY’S MAY DISCLOSE INFORMATION THAT IDENTIFIES YOU

Sotheby’s may disclose or transfer data that identifies you to other companies or entities only as follows:

– We reserve the right to disclose information that identifies you to third parties in certain  circumstances:

    - To vendors that work on our behalf.

    - To law enforcement or other entities that present valid legal process or in our discretion, unless otherwise prohibited by law, to protect human safety, our rights or the rights of others.

    - To meet certain legal compliance requirements for example, under AML (anti-money laundering) laws.

    - As part of a sale or merger of our business assets.

– We disclose information about you to Sotheby’s International Realty, a company not affiliated with Sotheby’s.

– We may transfer information about you to ad technology firms so that they may recognize your devices and deliver interest-based content and advertisements to you.  The information may include your name, postal address, email, device ID, or other identifier in encrypted form.  The company may process the information in hashed or de-identified form. These companies may collect additional information from you, such as your IP address and information about your browser or operating system; may combine information about you with information from other companies in data sharing cooperatives in which we participate; and may place or recognize their own unique cookie on your browser. These cookies contain no personally identifiable information; they may contain demographic or other data in de-identified form.   To opt-out of third party cookies, please go to your browser settings or, in the United States, you may also visit http://www.aboutads.info/choices .  We transfer data to Live Ramp; if you wish to opt out of their cookie, you can do so by visiting http://liveramp.com/opt_out/

YOUR CHOICES

You have a choice about and control over:

 Receiving marketing messages from us.  We may contact you by email, text or SMS messaging.

    - We encourage you to visit Sotheby’s Preference Pages to let us know what information you would like us to send to you and your preferred means of delivery.

    - You may also stop email marketing by using the “opt out”, or “unsubscribe” mechanism at the bottom of our email marketing messages.  In most cases, we will give you a choice about stopping just one kind of email or opting out of all email marketing from us.

    - If you have provided data about yourself to a member of the Sotheby’s group and are resident in the EU you have the legal right to ask us not to process that personal data about you for marketing purposes.  To make such a request, please contact enquiries@sothebys.com.  

 Whether cookies can be set or read on your browser.   You can learn more about controlling cookies placed on your device as you visit our sites in our Cookie Policy.

– Whether your account is up to date.   You may review and edit the Personal Information that is stored in your user account on our Web Site (e.g., your passwords and other contact information) by visiting the “Profile” area of your account on our Web Site or by contacting Sotheby's via the email address at the end of this policy.  We will endeavor to respond to your request as soon as practicable. Before we are able to provide you with any information, correct any inaccuracies or delete any information, however, we may ask you to verify your identity and to provide other details to help us to respond to your request.

MORE IMPORTANT INFORMATION

Sotheby’s is a global company.  We receive data collected locally by members of the Sotheby’s group and collect data online directly from individuals in countries around the world.  We may process that data on servers globally.  We have put recognized protections in place for the transfer of data from members of the Sotheby’s group in the EU to our servers in the United States.

We protect your information using physical, technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration.  While we work to keep information secure, we cannot warrant or guarantee its security.  You remain responsible for protecting your username and password and for the security of information you transmit to us over the Internet.

Our websites are directed to adults, including young adults.  They are not directed to children, particularly under those under the age of thirteen.   We do not accept them as clients or knowingly collect data about them.

Our web sites may contain links to other websites not owned or controlled by Sotheby’s.  Those sites may collect information about you.  Sotheby’s is not responsible for their practices or content.

CHANGES

We reserve the right to change the practices described in this Policy at any time.  Please check here periodically. 

Your continued use of our services and online offerings covered by this Policy indicates your consent to the practices in place at the time of your use.

HOW TO CONTACT US 

For questions about this Privacy Policy please email us at Compliance@sothebys.com or contact

Sotheby’s
Attn: Compliance & Business Integrity Department
1334 York Avenue
New York, NY

ADDITIONAL INFORMATION FOR EEA CUSTOMERS & VISITORS TO SOTHEBY’S SITES AND APPS

In order to meet privacy regulations in the EEA and Switzerland, Sotheby’s provides additional information to its EEA based customers, website visitors and users of its apps.

Who is responsible for your data?

If you transact in an auction or private sale in a Sotheby's office in the EEA or Switzerland, then the Sotheby's entity running the auction will be the data controller for that data. The name and contact details for this entity will be set out in your consignment agreement, private sale agreement, invoice or Conditions of Business for the auction.

If you visit Sothebys.com, another Sotheby's website or use a Sotheby’s app, then the data controller will be Sotheby’s, a U.S. entity, and the main privacy policy contains our contact details.

What is the legal basis on which Sotheby’s relies to process your data?

On some occasions, Sotheby’s processes your data with your consent (for example, when you agree that we may place cookies, or if you ask Sotheby’s to send you information about upcoming events).

On other occasions, Sotheby’s processes your data when we need to do this to fulfil a contract with you (for example, for billing purposes) or where we are required to do this by law (for example, where we have to fulfil anti-money laundering requirements).  If it is mandatory for you to provide data for these purposes, we will make this clear at the time and will also explain what will happen if you do not provide the data (for example, that we will not be able to process a bid at auction).

Sotheby’s also processes your data when it is our legitimate interests to do this and when these interests are not overridden by your data protection rights. For example, Sotheby’s has a legitimate interest in ensuring the security and integrity of its auctions and In ensuring that it's web-sites and apps operate effectively.

Data transfers

Sotheby’s may transfer personal data to countries outside the EEA, including to countries which have different data protection standards to those which apply in the EEA. Sotheby’s has put in place European Commission approved standard contractual clauses to protect this data. You have a right to ask us for a copy of these clauses (by contacting us as set out above).

Your rights

You may ask Sotheby’s for a copy of your information, to correct it, erase it or to transfer it to other organisations at your request. You also have rights to object to some processing and, where we have asked for your consent to process your data, to withdraw this consent. In particular, you have rights to object to direct marketing at any time. Where we process your data because we have a legitimate interest in doing so (as explained above), you also have a right to object to this. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data.

We hope that we can satisfy queries you may have about the way we process your data. However, if you have unresolved concerns you also have the right to complain to data protection authorities.