YOUR PERSONAL DATA (Privacy Notice)

Entify Media protects and uses your personal data (“data”) with great care, as required by the General Data Protection Regulations (“GDPR”).  The GDPR gives you control of your data and requires that we collect and use it fairly and transparently.  Our responsibilities and your rights are summarized below.

THE DATA WE COLLECT AND WHY

  1. Contracts and enquiries

We keep the minimum data needed to respond to your enquiries, and to do any work that you contract to us.  When we plan to work with other people or organizations to respond to your enquiry or fulfil your contract, we will share with them any data that is necessary for them to do what is needed for the enquiry or contract.  We will not share information related to the enquiry or contract that you have told us is confidential unless we have your permission.

Under the GDPR, the lawful basis for the above processing is “contract”.  However, we may keep your data for longer than is necessary for the enquiry or contract.  This is for one or more of the following reasons, which fall under the GDPR lawful basis of “legitimate interests”:

  • to have the data available in case of dispute, or to meet follow-up enquiries
  • for internal research purposes in order to improve future services
  • for marketing (see below).

 The GDPR gives you the rights to know what personal data we hold about you and, in most cases, have that data erased.  If you wish to exercise these rights, please contact us as shown below.

  1. Marketing

We occasionally contact existing and potential customers to update them on the range of services that we can provide.  Our aim is to do this in a selective way, so that we only contact those that we think could benefit from our services and would be interested.

To do this, we retain data obtained from customer enquiries and contracts.  To allow us to be more selective we augment the data obtained from enquiries and contracts with further data that you have made freely available to us or is publicly available. 

Unless you request that we do not do so, we may also share marketing data with our associates in the video and media industry, who may be able to offer services that you may want, but we cannot fulfil.  We do not pass data to third parties other than as described in this paragraph, or it is a legal requirement to do so.

Although marketing is a lawful basis for data processing under the GDPR (“legitimate interests”), [Trading name] is happy to respect any requests to opt out of our marketing activities. 

  1. Subcontracts and partnerships

When we subcontract work or undertake it in partnership with our associates, we need to process data for contractual reasons.  We will retain such data for as long as there is a prospect of further work with the people or organisations concerned.  We may also gather data in order to identify possible future subcontractors or partners.  In addition to these legitimate interests, there may be requirements to process personal data with respect to meeting legal obligations, for example in the context of tax. 

  1. Special category data

Occasionally, it may be necessary for us to process special category data.  This is data that is more sensitive, such as ethnic origin, sexual orientation, religion and health.  We do not keep or process such data unless necessary and we have your explicit consent.  However, we may occasionally, particularly in the context of health, need to be aware of any issues that a person has in order not to put them in harm’s way or cause distress and embarrassment.  We may need to make others aware of this as well.

The GDPR has several conditions for processing special category data.  We will only store such data if needed and we will always seek explicit consent for storing such data. 

DATA SECURITY

Your data are stored on password protected computers.  The passwords are only known to trusted individuals.  The computers are protected by commercial security software, which is kept updated as is the software used to process the data.  Access to the computers is locked when they are unattended.  The data are backed up both to local storage, which is also locked away when unattended, and to cloud-based storage using commercial providers. 

The GDPR requires that we report to the Information Commissioner’s Office (ICO), and the individual concerned, any data breaches likely to result in a high risk of adversely affecting individuals’ rights and freedoms. 

SUMMARY

Entify Media keeps and processes data only as you would reasonably expect to be needed to provide you with services (enquiries and contracts), and with information about what we can offer (marketing).  We protect your data as we would expect our own data to be protected.  We do not pass it on to third parties, except to those with whom we are working in relation to your interests.  You have several rights, including: the right to know why we keep your data, and how we process it; the rights to opt-out of, or restrict, certain processing; the rights to access your data and have it corrected; and the right to have certain data erased.  Further detail may be obtained by contacting us as shown below, or from ICO at https://ico.org.uk/

WHO ARE WE?

Entify Media is a trading name of 39bhr Limited, Company No. 10080836, Registered Office 5 Prospect Place, Millennium Way, Pride Park, Derby, England, DE24 8HG.  For further details of our data protection policies, or to opt-out of our marketing activities or exercise any of your other rights, please contact our Data Protection Compliance Officer, James Williams enquiries@entifymedia.com