General Data Protection Policy (including Staff Records)
Scope of the Policy
At Seven Studios UK Limited we hold information protected by the General Data Protection Regulations (GDPR) and the Data Protection Bill 2018, including personal data about our employees and staff, clients, suppliers, customers and other individuals, for a variety of business purposes.
Everyone working for us has a legal obligation to ensure that we comply with the requirements of the GDPR and follow the safeguards we have implemented in order to best protect all the Personal Data we hold.
This policy sets out how Seven Studios UK Limited will seek to protect personal data and individuals’ rights and obligations in relation to their personal data. This policy should be read in addition to our Policies relating to staff use of the internet and e-mail.
The person(s) responsible for this policy and Data Protection compliance in the Company is Claire Browne.
This Policy should be regarded as a living document that may be amended by us at any time, to ensure our ongoing compliance with The General Data Protection Regulations (effective 25th May 2018) and the UKs Data Protection Act 2018.
In this policy Seven Studios UK Limited with registered office at Henry Wood House, 2 Riding House Street, London, W1W 7FA, (Company or we) informs you about how we collect, use and disclose personal data from and about you, through this website www.seventstudiosuk.com and our associated web sites.
Effective Date – January 2020
Personal Data is data we gather which relates to a living individual who can be identified from that data, or from that data in conjunction with other readily available information, e.g. their name, address, images, telephone numbers, personal email addresses, date of birth, bank and payroll details, next of kin, passport particulars etc. It can also include data such as IP addresses and data automatically collected when using computers and the internet, as well as educational background (certificates, diplomas, education, skills, CV), skills, marital status, nationality, job title, contact details, references, attendance records, performance records and so on.
This data may be collected from the individual themselves or provided by other parties, and may be in paper or electronic format.
Special Category Data is data that relates to an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership (or non-membership), physical or mental health matters, sexual orientation/life, genetic and biometric data.
Criminal Records data means information about an individuals criminal convictions and offences, and information relating to criminal allegations and proceedings.
Processing is any use that is made of data, including collecting, storing, amending, disclosing or destroying it.
Our Data Protection Principles
The GDPR protects individuals’ rights concerning information about them that is held on computer. Anyone processing personal data must comply with the eight principles of good practice, which are that data must be:
We will not process personal data obtained for one purpose for any unconnected purpose unless the individual concerned has agreed to this, or would otherwise reasonably expect this.
We might collect data from and about you. In particular, the Company may collect;
Name, Address, Email address, Telephone Contact numbers, Age range, a Profile Picture and Personal information relating to our TV production.
However, we do not collect either financial information from a payment service provider or sensitive data relating to you. For further information, please go to paragraph 2.
The main reason why we collect data about you is to provide you with Company Services and to allow you to interact with those services.
For further information, please go to paragraph 3.
Your personal data is mainly collected in order to provide you with Company Services.
Your personal data is also necessarily collected to comply with legal obligations or to pursue the legitimate interests of the Company.
If you don’t provide the data we won’t be able to offer you the Company Services.
For further information, please go to paragraph 4.
The security of your data is a priority for us. We have implemented adequate administrative, technical and physical measures designed to safeguard your personal data against loss, theft and unauthorised use, disclosure or modification.
For further information, please go to paragraph 5.
We might share your personal data with: (i) service providers; (ii) our affiliated companies; and (iii) national authorities, when allowed by the applicable laws.
For further information, please go to paragraph 6.
Your personal data might be transferred to other countries within or outside the European Economic Area. We always make sure that appropriate and suitable safeguards compliant with applicable laws are in place to protect your personal data.
For further information, please go to paragraph 7.
You have a number of rights with regard to your personal data and these include the right to access, complete, update, amend and delete your personal data.
For further information, please go to paragraph 8.
The personal data we collect is retained for only for the period necessary to fulfil the purposes for which that data is collected.
For further information, please go to paragraph 9.
You can contact us at the following email address firstname.lastname@example.org.
The Company Services are for a general audience, are not targeted at children, and do not knowingly collect personal data from children under 16 years of age, unless in exceptional circumstance.
The Company collects the following types of data from and about you:
We do not collect:
We use the personal data we collect from and about you to:
The processing of your personal data for the purposes of:
We process your personal data through both electronic and manual means. It is protected by adequate security measures, taking into account the state of art, the costs of implementation and the nature, scope, context and purpose of processing as well as the risk to the rights and freedoms of individuals. In particular, we use appropriate administrative, technical, personnel and physical measures to safeguard personal data of yours in the Company’s possession against loss, theft and unauthorised use, disclosure or modification.
We may share your personal data for the purposes set out in Paragraph 3 to the following categories of recipients located within the European Union or outside of the European Union in compliance with and within the limits of the provisions of Paragraph 7:
Your personal data may be transferred to other countries (including countries other than where you are based that have a different data protection regime than the one existing in the country where you are based). If you are located in the European Economic Area (EEA), this may include countries outside of the EEA and in particular the United States. You can find the list of member states by clicking on the following link: https://europa.eu/european-union/about-eu/countries/member-countries_en. We have adopted appropriate safeguards to protect your personal data regardless of where it resides. Further information can be provided by filing a request to the Company as in Paragraph 11 of this Privacy Notice.
You have the right to:
We will retain your data only for the period necessary to fulfil the purposes for which the data was collected for Pooch Perfect and My Dream Lottery Home International. The following retention periods will apply to the processing of your personal data:
At the end of the retention period your personal data will be either cancelled, anonymised or aggregated.