Brick Studios Data Protection Policy May 2018
We are committed to protecting your privacy and ensuring that any information you choose to provide us or is collected during your visits to the Brick Studios website is in full compliance of the Data Protection Act. All such information will remain strictly confidential, and used only for the purpose described at the time of the submission.
This privacy statement discloses the types of information we gather, how we use it and how to correct or change it.
Who we are
Brick Studios Limited (company number 10881922) is the data controller in relation to the processing of the personal information that you provide to us when you use our Services. Its registered address is 32 Shacklewell Street, London, E2 7EG. If you have any queries relating to our use of your personal information, or any other related data protection questions, please contact us at email@example.com.
How do we collect personal information
We may obtain personal information from you through our website – firstname.lastname@example.org. At certain points during your visit to our website we may ask you to enter personal details such as your name and email address. You may also be asked whether you consent to use of that data and for what purposes. We will not use your data except to fulfil a request you make when disclosing those details, or if you consent to receiving marketing and promotional contents time to time.
We might request you personal information:
• When you contact us via our “Availability Email Sign Up”
• When you contact us via email or telephone
• When you contact us via our social media platforms
This information may be used to speed up form filling, or to personalise, or improve your experience when using the Site.
What personal information do we collect
We collect personal information about you when you give this to us in the course of signing up for and/or our last minute emails or filling out a booking form in relation to your hire. For example we may collect your name, address, email address or telephone number. This might be, for example, to confirm your hire or to email you about last minute/11th hour availability or discounts. In the course of providing the Services to you, our hosting site may also store general information about how you use our Sites, for example, the pages viewed, the website from which you came to visit our Sites. All financial transactions are handled by a third-party provider for which we do not store any payment details anywhere online or offline. We make sure that we have appropriate security measures to protect your information. We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law.
How do we use personal information?
We may use your personal information:
1. to enable you to access and use the Services;
2. to personalise and improve aspects of our Services;
3. for research, such as analysing market trends and customer demographics;
4. to communicate with you, including some or all of the following:
4.1 sending you information about our studio services and offers - If you agree, we will contact you via email, post or telephone to let you know about our offers and availability.
4.3 sending you a confirmation email of any hire you make.
5. to process a transaction for services provided to you.
6. to enable you to share our content with others, e.g. by using any 'Email a friend' or 'Share this' functionality on our Sites.
How do we process your personal information
We will only collect and use your personal information in accordance with data protection laws. Our grounds for processing your personal information are as follows:
1. Consent – Where necessary we will only collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing emails and process any sensitive information about you if we have your consent.
2. Legitimate Interests – We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
2.1 to communicate with you about the Services. We need to keep you informed about your use of the Services for example sending you a confirmation email of your hires. This won’t include marketing communications unless you have given us your consent to receive these; and
2.2 to improve our Services. We may use your personal information to: personalise aspects of our service; for market research. We constantly aim to improve our Services to you and using your personal information in this way helps us to do this.
From May 2018, you will have a right to object to our use of your personal information for these legitimate interests including where we may use your personal information to create a profile to inform customer demographics. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we are continuing to process your personal information. Please contact us at email@example.com if you wish to exercise this right.
Who do we share your personal information with?
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
What cookies do we use
A cookie is a very small text file placed on your computer or device. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. Cookies help us to:
1. understand browsing habits on the Sites;
2. understand the number of visitors to the Sites and the pages visited; and
3. remember you when you return to the Sites so we can provide you with access to information you have previously shown interest on.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
Most cookies are deleted as soon as you close your browser; these are known as session cookies. Others, known as persistent cookies, are stored on your computer either until you delete them or they expire. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our Sites and could prevent you from completing some purchases through our Sites.
Required - we use a set of cookies which are critical to the functionality of the Sites. They are used to keep a user logged in to the site and to remember previous activities within the site should the user return to a Site.
Functional - we use a set of cookies to track visitors to help us understand how customers use our Sites. These cookies are only used to help improve users' site experience. The cookies are placed on the user's first visit to a Site and they track the user through the Site, where they go, where they drop off, what pages they have problems with, etc.
Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
How secure is our site
Your personal data’s security is very important to us. This is why, where it’s appropriate, our Sites use HTTPS to help keep information about you secure. However, no data transmission over the internet can be guaranteed to be totally secure. Certain information, for example, your credit card details, is encrypted to minimise the risk of interception during transit.
You may complete a registration process when you sign up to use parts of the Sites. This may include the creation of a username, password and/or other identification information. Any such details should be kept confidential by you and should not be disclosed to or shared with anyone.
It might sometimes be necessary for us to transfer your personal information outside of the European Economic Area (EEA) to locations that may not provide the same level of protection as the UK. However, we will only transfer your personal information out of the EEA if we have put in place appropriate safeguards and protections as stated under UK law for example by the use of a data-transfer agreement incorporating certain standard model protection clauses.
Third party links
Third party data processors
Occasionally we have to take advantage of third party systems to make sure we can properly fulfil our obligations to you. Below are a list of a few third party data processors we use:
1. Tracking - We use Google cookies, tracking and analytics on our website.
2. Emails - We use Google’s email servers to store all our emails. Google has their own safeguards in place to ensure the server’s security. All the emails are stored in a server located within the EU.
3. Telephones - We do not record our calls. All calls made and received are by our fixed telephone line (no VOIP). The caller information might be stored by our phone provider in the UK.
4. Social Media Platforms - We use Social Media Platforms including but not limited to Facebook and Instagram to monitor our social media responses, queries and interests.
5. Email Marketing - We use external email marketing systems to send our regular marketing emails and newsletters. All our marketing emails will give you the option to unsubscribe from a particular email list or to update your preference.
6. Payment Process - We do not process any payments directly on our website. All payments are made by the cardholder after our invoice distribution.
None of our third-party data processors will contact you or pass on your information to external companies unless required to do so by Law.
How can you amend your preference
Our external email marketing system will always offer you the option to opt out of our mailing list. If the email is sent directly to you through our email, firstname.lastname@example.org, please contact us directly to exercise this right.
Should you no longer wish to be contacted by us, you can advise us at any time by contacting us on 0207 729 2342 from the UK, +44(0)207 729 2342 from abroad - lines are open Monday to Friday 9.00 to 18.00 or by sending an email to email@example.com.
Your personal data rights and how to contact us
You have certain rights under existing data protection legislation including the right to request a copy of the personal information we hold about you, if you request it from us in writing.
From May 2018 you will have the following rights:
1. Right to access: the right to request copies of your personal information from us;
2. Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete;
3. Right to erase: the right to request that we delete or remove your personal information from our systems;
4. Right to restrict our use of your information: the right to ‘block’ us from using your personal information or limit the way in which we can use it;
5. Right to data portability: the right to request that we move, copy or transfer your personal information;
6. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests
If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator which in the UK is the Information Commissioner’s Office.
How long do we keep your personal information?