Featured Category:
London Locations
Privacy Policy
INTRODUCTION
In order to conduct its business activities, it is necessary for East Coast Production to act as a data controller with respect to gathering and using the personal data of individuals. These can include clients, suppliers, freelancers, employees, location owners and other people the company has a relationship with or may need to contact. This policy sets out how we collect, use and protect any information you give us when you use this website and/or our services.
We are committed to safeguarding your privacy. Should we ask you to provide certain information, you can be assured that it will only be used in accordance with this policy. We may be required to update this policy from time to time in order to remain legal and compliant. You should check this page periodically to ensure that you are happy with any changes.
WHY THIS POLICY EXISTS
This data protection & privacy policy ensures East Coast Production:
WHAT WE COLLECT
We may collect the following information:
Clients & Suppliers
Location Owners
Employees and Freelancers
LAWFUL REASONS FOR PROCESSING
Clients & Suppliers
For Business to Business clients and contacts, our lawful reason for processing your personal information will usually in the first instance be “legitimate interests”. Under this we can process your information if we have a genuine and legitimate business reason and we are not harming any of your rights and interests. Once you enter into a contract with us our lawful reason becomes “contractual obligation”. This also includes steps taken at your request before entering into a contract.
Location Owners, Freelancers & Employees
For Business to Consumer clients and contacts, our lawful reason for processing your personal information will usually be “contractual obligation” e.g. to supply services you have requested, or to fulfil obligations under an employment contract or terms and conditions. This also includes steps taken at your request before entering into a contract.
WHAT WE DO WITH THE INFORMATION WE COLLECT
Clients
We require this information to understand your needs and provide you with a better service and in particular, for the following reasons:
Location Owners
We require this information to understand the areas of work we can put your property forward for and in particular, for the following reasons:
Employees and Freelancers
We require this information, in order to fulfil your employment contract.
RETENTION
We are required to keep documents, contracts etc. for the length of the contract as a minimum and for up to seven years afterwards as a maximum. We will determine this on a case-by-case basis after taking into account the individual circumstances and will only keep data which is necessary for us to fulfil our contractual obligations. Any personal data held by us for marketing updates will be kept by us until such time that you notify us you no longer wish to receive this information.
SECURITY
We are committed to ensuring that your information is secure and protected against unauthorised or unlawful processing, accidental loss, destruction and damage. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, technical and managerial procedures to safeguard and secure the information we collect.
Paperwork
Personal data collected in paper form is stored in locked filing cabinets and shredded when no longer required.
IT Systems
We have completed an internal cyber security risk assessment and applied suitable controls to reduce or mitigate any vulnerabilities or threats. Personal data stored in digital format is on secure cloud servers hosted in the United Kingdom with access to data highly restricted for approved business purposes only.
SECURITY BREACHES
Despite all the controls we have put in place to address all the key GDPR principles, there is still always a risk a data breach may happen. In the unlikely event of this, the breach will be notified to all data subjects affected without undue delay. If appropriate, this will also be reported to the ICO within 72 hours of us becoming aware. The person who should be informed of any breaches is named at the bottom of this policy and is contactable by email at all times.
HOW WE USE COOKIES
A cookie is a small file which is placed on your computer's hard drive and helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use some unobtrusive cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to client needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website however. You can find out more about cookies by visiting the All About Cookies resource website.
THIRD PARTY PROCESSING
Our work for you may occasionally require us to pass your information to our service providers and for the purpose of delivering our services to you. Where we are entering into an engagement with a third party, we will seek to be satisfied that they have secure measures in place so your privacy rights continue to be protected as outlined in this policy.
We only disclose information that is necessary to deliver our services and we never allow your personal data to be used by any third party for any market research, marketing or other commercial purposes. Under GDPR law, we may be required to disclose your data for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also be required to disclose your personal data where such disclosure is necessary for the establishment or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
YOUR RIGHTS UNDER GDPR
Your principle rights under GDPR are:
This means you have the right to know what data we are holding for you at any time, the right to access this data, change it and/or have it removed from any further processing activity.
SUBJECT ACCESS REQUEST
If you would like to contact us with a subject access request, please use the email address [email protected] with ‘GDPR Subject Access Request’ in the subject line. We will contact you within ten days of receiving this request.
If you are unhappy with the way your subject access request has been dealt with, you have the right to report a concern with a supervisory authority. In the UK, this is the Information Commissioner’s Office www.ico.org.uk/concerns.
RESPONSIBLE PERSON FOR GDPR
Tessa Dewing
East Coast Production | Bacon House | 35 St Georges Street | Norwich NR3 1DA
01603 728978 | [email protected]
@eastcoastlocations