Privacy Notice – Effective from 25 May 2018
What is this about?
The EU General Data Protection Regulation, which applies from 25th May 2018, gives people more control over how their personal data is used. The regulation sets out your rights as an individual regarding how your personal data is collected, used and stored, including your rights to have your data corrected or removed.
We take the privacy and security of your personal information very seriously and we are committed to protecting and respecting your privacy.
This notice sets out the purpose for which personal data that we collect from you, or that you provide to us, will be processed by us. This applies whether your personal data was obtained directly by us or provided to us from other sources. Please read it carefully to understand how we will treat your data.
Who are we?
The Voiceover Gallery Ltd, a company registered in England and Wales under company number 5112609, whose registered address is The Voiceover Gallery Ltd, 110 Timber Wharf, 32 Worsley Street, Manchester M15 4LD.
References to “we” or “us” are to The Voiceover Gallery Ltd.
What do we do?
The Voiceover Gallery Ltd provides a professional voice agency, recording studios and localisation services.
Your personal information
We may collect information from you in a number of ways:
You may give us personal data in different ways, for example by completing forms, corresponding with us by phone, email, in writing or any other way.
The information which you give us to hold and process may include, for example: Name(s), Address, Post Code, Email Address, Date of Birth, Mobile Phone Number, Home Telephone Number, Gender, National Insurance Number, Previous Address Details, etc.
We may also process and hold other information which you give to us, for example: Personal Bank Details, ID Documents, Occupation, Employer Address, Employer Name, Employer Post Code, etc.
When you open an e-mail from us we may also collect technical information about your device and connection and information about your interaction with that email, such as whether you open that email.
If we process any special category data, such as health related information, you will be informed and asked for your consent. There might be cases where we have already obtained special category data which may have been required at that time. In these cases, we must retain this information should applicable laws and regulations require us to do so.
These details are not exhaustive or definitive of the data we may process.
Do we receive information from other sources?
We may receive information about you from third party service providers such as Credit Reference Agencies, Payment Service Providers or Industry News etc. We may also combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out in this Privacy Notice (depending on the types of information we receive).
Deciding whether to provide us with personal information
Depending on the nature of our interactions with you, there may be certain essential personal information that we have to collect from you so that we can provide you with the information or services that you have requested. This will vary depending on the relationship we have with you. We will always aim to make clear which personal data it is necessary for you to provide and which personal data is optional. However, if you are unsure as to whether you are required to provide us with any particular piece of personal data please ask us.
How do we use your personal information?
We may use information we hold about you in the following ways:
- To provide services to you under our contract with you
- Where you have expressly consented to us doing so, to respond to other enquiries you make to us.
- Where it is necessary to comply with a legal obligation.
- Where we otherwise have a legitimate interest in doing so.
How do we share and disclose your personal information?
We will never sell, trade, or rent your personal information to third parties.
We will only share your data with a third party in the following circumstances:
- To entities that we are required to disclose the data to in connection with the performance of our contract with you
- To providers of outsourced services that process data on our behalf in order that we can provide our services
We may also share your data with third parties if we are under a duty to share your data in order to comply with any legal or regulatory obligation, in order to enforce or apply such other terms as they might apply to our relationship, or to protect the rights, property or safety of our customers, ourselves or others. This includes exchanging information with other companies and organisations for the purpose of fraud prevention and the detection of financial and other crime.
How do we keep your personal data secure?
We will only collect and use personal information in accordance with this Privacy Notice and to the extent permitted by applicable law. We will maintain appropriate safeguards to ensure the security, integrity, accuracy and privacy of the information you have provided. In addition, we will take reasonable steps to ensure that third parties to whom we transfer any personal information provide sufficient protection of that information.
We will keep your personal data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard your personal data against it being accessed unlawfully or maliciously by a third party.
We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.
How long will we keep hold of your data?
Your personal data will be held by us either electronically or in paper format for a minimum of six years. In instances which we have a legal right to such information we will keep records indefinitely.
We are required by law to hold your information for as long as is necessary to comply with our statutory and contractual obligations and in accordance with our legitimate interests as data controller. The period for which we hold non-client data will vary depending on the type of information and the reason why we collected it from you.
We retain the right to hold archived data if we believe this is required to exercise or defend legal claims.
What are your rights under the General Data Protection regulation?
Right of access – You have the right to request a copy of the personal information we hold about you at any time.
Right to rectification – If at any time you believe that the data we hold for you is inaccurate or incomplete you may ask us to correct it or remove it. We will be happy to review, update or remove information as appropriate, but please be aware that we may need to retain your information on our files to resolve disputes, or for technical and legal requirements. If for any reason we are not taking action to your request for rectification we will explain to you the reason why and what rights you have at that time.
If we have disclosed your information to a third party we will also contact them to inform them of the rectification.
Right to withdraw your consent – Where we are processing your data because you have consented to us doing so, you have the right to withdraw your consent to us processing your data at any time. Please note however that the withdrawal of your consent will not affect any use of your personal information made before you withdrew your consent.
Right to object to processing – Where we are processing your personal data because we have a legitimate interest in doing so, you have the right to object to that processing.
Right to restrict processing – You have the right to “block” or suppress processing of personal data requiring us to restrict the processing of personal data:
- Where you contest the accuracy of the personal data we hold, we will restrict the processing until we have verified the accuracy of the personal data
- When the processing is unlawful and you oppose erasure
- If we no longer need the data but you require the data to establish, exercise or defend a legal claim
- If you have objected to our processing of your personal data
- If we have disclosed your personal data to third parties we will contact each recipient and inform them of the restriction on processing, unless this proves impossible
- We will inform you if and when we decide to lift a restriction on processing
Right to erasure – This known as the “right to be forgotten”. You have the right to request us to erase all personal data about you, such as where the data is no longer necessary for the purposes for which it was originally collected and there is no compelling reason for retaining it. We reserve the right to retain your personal data if we have a valid reason to do so, such as the exercise or defence of legal claims or to comply with a legal obligation.
Exercising your rights
If you want to exercise any of your rights described in this Privacy Notice, you may contact us using the details provided at the end of this Privacy Notice.
We will aim to comply with your request within one month, but this may take longer where the request is complex. If we are not able to comply we will explain why and inform you of your right to complain.
Please note that if as a result of complying with your request we do not have the data we need or we are unable to process it, we may be unable to supply you with the services you asked us to provide.
If you are not satisfied with how we have handled your personal data – if it is wrong, it has been lost or we have disclosed it to someone else without your agreement, then you can complain to the Information Commissioner’s Office at www.ico.org.uk or by telephoning 0303 123 1113.
We reserve the right to revise or supplement this Privacy notice from time to time. If we do, we will notify you accordingly.
For more details, you can contact the Data Protection Officer by email at firstname.lastname@example.org or alternatively please write to us at our registered office.