As COLLECTIVE provides video, photography and advertising services to business clients, we have specific procedures in place to handle personal data in the course of our activities. We are committed to ensuring that any personal data that we handle is protected. Our use of personal data is in accordance with General Data Protection Regulation (EU) (“GDPR“) . This privacy statement endeavours to outline our implementation of our policy with regard to GDPR.
COLLECTIVE is the controller responsible for the personal data it collects, uses and stores about you. Please read this privacy notice so that you are fully aware of how and why we are using your information.
- What is personal data?
Personal data is any information that allows us to identify you. This could include information such as your name, image or likeness, postal address, telephone number, email address or date of birth.
2. Categories of personal data we collect and how we use it
We may collect, use, store and transfer different kinds of personal data about you which can be grouped together follows:
- Identity Data includes; first name, maiden name, last name and your image or likeness.
Contact Data includes; postal address, email address and telephone numbers.
We do not collect any personal data about criminal convictions and offences. However, if it is necessary to collect such information, we will only do so with your explicit consent and we will explain the purpose for which the information will be used at the point when we ask for your consent.
3. How is your personal data collected?
We may collect personal data from you through direct interactions. You may give us your Identity and Contact Data by corresponding with us by post, phone, email. This includes personal data you provide when you send a query about our products and services. We also collect your data through your image appearing in our videography or photography.
- The purpose and legal basis for processing your personal data
Under data protection law we are only permitted to use your personal data if we have a legal basis for doing so. We rely on the following legal bases to use your personal data:
– To enter into and perform a contract with you
We may use your personal data to enter into a contract with you or to provide you with a service that you have requested from us.
– To comply with a legal obligation
We are required to use your personal data to comply with certain legal and regulatory obligations to which we are subject. For example, we are obliged to obtain certain business records in accordance with company and revenue law requirements, which may include your personal data.
– With your consent
We may use your personal data for a particular purpose or particular purposes where you have expressly consented to us doing so. You can withdraw such consent at any time by contacting us using the contact details below.
- Your personal data and Third Parties
Third Party Service Providers
We may share your personal data with third party service providers who perform services and functions at our direction and on our behalf. Such third party services providers include accountants, legal advisers, administrative services providers and marketing agencies engaged by COLLECTIVE. COLLECTIVE ensures that any information shared with such third parties comply with the EU’s GDPR.
An Garda Síochána, government or quasi-government bodies, courts and tribunals
We may share your personal data with these organisations and bodies where required to do so by law.
6. Data Storage and Transferring Data
All data we collect from you is stored on password encrypted hard drives and stored within a locked and secure area in the COLLECTIVE office. When transferring data to you, we deliver it to you on password encrypted hard drives with an accompanying text message with the password for the hard drive. Alternatively, we can you send you a private vimeo link via email and an accompanying text message with the password for the video. It is vimeo’s policy to comply with the EU’s GDPR.
7. Storage Periods
The length of time we store your data depends on the arrangements/contracts we make together. The retention period may be longer than the period for which we are providing services to you, for example, where we have statutory or regulatory obligations within European legislation or where we may need to retain the information in the event of a legal claim. No data will be stored for longer than is necessary and is routinely deleted.
- Transfers outside the European Economic Area
We may transfer, store or process your personal data to countries outside the European Economic Area (“EEA”). Where the laws of such countries do not afford an equivalent level of protection of personal data as set within the EU’s GDPR, we take specific steps in accordance with data protection law to protect your personal data.
We’ll use one of these safeguards:
- – Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA.
– Put in place a contract with the recipient of the personal data that means they must protect it to the same standards as the EEA.
- Your Rights
You have a number of rights under data protection law in relation to how we use your personal data. These include the right, free of charge, to:
- – Be informed about the personal data we hold about you and how we use that information.
– Obtain access to your personal data we hold.
– Have any personal data that we hold about you that you believe is incorrect, incomplete or inaccurate updated or corrected.
- – Have your personal data erased in the following circumstances:
a. If COLLECTIVE is continuing to process personal data beyond the period when it is necessary to do so for the purpose for which it was originally collected.
b. If COLLECTIVE is relying on consent as the legal basis for processing and you withdraw consent.
c. If the personal data has been processed unlawfully.
d. If it is necessary to delete the personal data to comply with a legal obligation.
e. If COLLECTIVE cannot offer a purpose of justification for keeping data.
10. Complaints and contact details
If you have any complaints, questions, comments or requests regarding any aspect of this data privacy notice, please do not hesitate to contact us by emailing us at email@example.com.