Katie Reddin-Clancy and KRC Productions is committed to protecting your privacy. When you interact with me online, by email, phone, or in person I sometimes receive personal information about you.
This policy tells you what information I keep, why, for how long, and who I share it with. This is called Processing data. I am a data processor (according to the new data law GDPR) explaining why and how I process it.
Why do I (process) information about you?
I write notes about projects or request information from you in order for me to quote or deliver you a project. You’ve consented for me to do so (through working with me, filling in an online form, signing up to emails via my Mailing List or getting in contact with me through my website, a referral or my agents) or because it’s part of our legitimate business interests, specifically proper administration of my website and running of my business. There’s more about Legitimate Interest later in this policy.
If you do not want me to hold your information, it is your right to withdraw consent at any time. Just contact me at firstname.lastname@example.org
How do I collect information about you?
I may collect information about you whenever you interact with me. For example, when you sign-up to a newsletter, ask about my business, work with me or otherwise give me any other personal information.
What information do I hold about you?
The information held may include: website cookies, email addresses, phone numbers, physical addresses (for invoicing), position and also some of your opinions (such as the email feedback you give me on my work and testimonials). I also hold information about any financial transactions you make with us (whether you’re a supplier or a client).
How do I store and protect your data?
I take the security of the data held very seriously.
- Electronic devices in my office are password protected
- Electronic contact data lists (such as lists of names, email addresses etc) held at my office are kept in an encrypted area
- Electronic data kept on our mobile devices is password protected
- Paper records (such as our annual accounts archive) are kept in a secure locked private office.
No data transmission over the Internet can be 100% fully guaranteed to be secure but I endeavour to protect your personal information as much as I possibly can.
Who is collecting the information?
When you are asked for personal information by me, you are sharing that information with Katie Reddin-Clancy and KRC Productions, for the purposes of the successful running of my business.
Is Information passed on?
Information is never sold. It is only passed on to third parties, who I believe have their own GDPR-compliant policies. Who would I pass on to:
- Suppliers, such as writers, editors, studios who I may work with – I would check with you first.
- Mail management systems: Google, Outlook, Mailchimp.
- Website hosting: WordPress (Our work / your testimonials with your name and company)
- My bank: HSBC
- Clients who ask for recommendations – I would check with you first.
When else might I pass your data on?
Data may be passed on for legal reasons, as part of the Freedom of information act or for my own legal reason, such as for use in legal proceedings or claims.
How long do we keep your information about you?
It is kept for as long as necessary to complete the work I’m undertaking for you. I will then keep you on our database for marketing purpose’s (My own, not any third parties). If you wish to be removed, you can tell me at any time. A ‘dissolution list’ (of who not to contact)’ will be kept indefinitely, to make sure you are not contacted again.
How can you delete or update your information?
It is your right to change or have me delete any or all of your information by contacting me at email@example.com
If you ask me to delete your information I will do so, but we will retain your details on the dissolution list, this ensures we don‘t contact you again. If we had had financial transactions they will obviously still be recorded by our banks.
When I buy from my suppliers, send invoices receive payments etc, this is handled solely by myself – Katie Reddin-Clancy.
About My Website and Analytics
My website is hosted in the UK. The European Commission has made an “adequacy decision” about the data protection laws of each country.
Your IP address is the unique number that identifies the computer you’re using. When you fill in our online form, your IP address will stored. Let me know if you’d like me to delete it.
What else should I know about my privacy?
Remember whenever you voluntarily disclose personal information online, that information can be collected and used by others. In short, if you disclose personal information online that is accessible to others, you may receive unsolicited messages from other parties in return.
You should be aware that if you access other websites to which I provide links, these are outside of my control. If you provide personal data to other companies, the privacy policies of those companies determine the uses to which that information is put and mine will no longer apply.
This policy may change from time to time, so please check back periodically. Ultimately, you are solely responsible for maintaining the secrecy of any information about yourself. Please be careful and responsible whenever you are online.
Data Protection Act
I am committed to the protection and privacy of your personal data, and as such are held in accordance with the Data Protection Act 1998.
For more information, see the UK government’s Data Protection website.
About My Legitimate Interest
Why do I believe I have a ‘Legitimate Interest’ to process your data?
The short answer:
I only contact businesses who rely on services like mine. I rely on them using companies like me, to stay in business. So processing the data is mutually beneficial. No harm or damage is done by my processing the data, and no-individual’s rights are affected. If I didn’t hold it, it would harm my ability to do business. I hold data securely and you can ask me at any time to delete your data.
The long answer:
I believe I have a ‘Legitimate Interest’ to process your data because…
– I only hold the data of individuals at companies (such as Ltd, PPL etc) never private individuals.
– I only use this data to market services which are directly related and of genuine interest to clients and potential clients (such as Voiceover services for Production companies).
– Processing the data is necessary to maintaining my business.
– GDPR identifies this processing activity as legitimate – The processing activity is essential to my business, so I can find new clients. I always specifically articulate my legitimate interest to my potential clients.
– The processing is critical to my business to stay profitable. For example, emailing potential clients is my main source of business. I only email businesses, never private individuals – unless you have requested me to use a private email. I believe this is a simple and clear explanation of why I hold and use data. I believe my holding this data does no harm at all to individuals. All data held is related to business contacts.
– The rights of the individuals, whose data I hold, are clearly articulated in my data policy (i.e. you can ask for me to remove or change your data at any time).
– There’s no other way of achieving my objectives, without disproportionate effort.
– The people I email expect to receive marketing emails from companies like mine offering services they may already use and be interested in. As a result I believe it is likely they will have considered and accepted the impact of them.
– My marketing material often contains useful information (modes of address and new trends in voiceover etc.) which certainly add value to the services the individuals I contact provide.
– Processing the data will not negatively affect individual’s rights or result in unwarranted harm or distress.
– If I were unable to process the data it would prejudice my business, making it significantly harder for me to find new business and making it significantly harder for our suppliers to work for me, prejudicing them also.
Processing is in the interest of the individual whose data it relates to, because it gives them access to services which they may need to continue running their business (such as voiceover services for production companies).
– The legitimate interests of the individual are aligned with mine, because my business provides services to other businesses. Those businesses rely on services such as mine to stay in business. Therefore my need to process their information presents a legitimate interest, not just for me, but the individual as well.
– The connection between the individual and organisation is: existing customer, lapsed/cancelled customer, client, prospect or supplier.
– Processing never limits or undermines the rights of individuals.
– My data has been collected directly and indirectly.
– The individual holds (and is informed of) the power to choose to change or delete (although I will keep a ‘dissolution list’ to ensure they are not contacted in the future.
– Individuals that we contact would absolutely expect me to use their information for my purposes (email marketing), it is standard business-to-business procedure, well established over the last 20 years.
– My processing cannot be considered intrusive or inappropriate. My contacts are business contacts. My marketing emails are infrequent (At most one a per month, unless I have a show on and then I offer discounts depending on box office availability).
– Individuals whose data is being processed can easily control my processing activity or object to it. Every communication has a clear option to change the information I hold or for the individual to be removed from my data.
– Any data I hold is either: in an encrypted electronic space or on password protected devices, all of which I believe protects your data
You can contact me by email at firstname.lastname@example.org