We (the company) respect your privacy and comply with GDPR. Any data held by us (website, software, documents, subscription) is held on the following basis: Consent, Contract, Legal Obligation, Vital Interests, Public Task or Legitimate Interest. Personal Data (including but not limited to name, email, phone number, address and payment details) are necessary for us to contact you and to make payments, where applicable.
If you have any issues or object to us holding your data and would like us to delete it please email our Data Protection Officer email@example.com.
We encourage you to read the full policy carefully and contact us (firstname.lastname@example.org) with any questions or concerns about our privacy practices.
This policy explains how personally identifiable information (Personal Data) is collected, how it is used, kept secure and your rights in relation to it.
We (the company) are committed to transparency about how we collect and use personal data including the data of our employees, sub-contractors, people we engage on a freelance basis and actual and potential clients/customers of our services at Loop Talent Ltd. We comply with the GDPR regulations when dealing with personal data.
This policy applies to the data of all of these such persons.
The data controller at Loop Talent Ltd can be contacted at email@example.com.
What information do we collect?
Personal Data (including but not limited to name, email, phone number, address, invoicing and payment details) are necessary for us to contact you and to make payments, where applicable.
How do we use personal information?
The personal information collected and held will only be used for admin reasons, most notably invoicing and liaising with our roster in order to brief and advise them on work.
What legal basis do we have for processing your personal data?
We hold personal data under the following permitted reasons provided by the GDPR:
(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
(c) Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
(d) Vital interests: the processing is necessary to protect someone’s life.
(e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.
(f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
When do we share your personal data?
We will not sell your data and will not share your Personal Data with any third parties without your prior consent and except where required to do so by law.
We may pass some of your Personal Data to our roster in order to advise on work and/or job meetings, contracts or agreements.
Where do we store and process personal data?
Data will be typically stored on our CRM (Client Relationship Management) Tools, accounting, admin and diary systems.
How do we secure personal data?
Operational security has been implemented in order to protect Personal Data from loss, misuse and unauthorised deletion or alteration. Electronic data is held in the Cloud, encrypted, password protected and backed up regularly.
How long do we keep your personal data for?
Loop Talent Ltd. will retain Personal Data unless advised otherwise by the client or at the point where the relationship ceases. We may retain data to comply with our legal obligations or meet regulatory requirements.
Your rights in relation to personal data
As a data subject, individuals have a number of rights in relation to their personal data.
Subject access requests
Individuals have the right to make a subject access request. If an individual makes a subject access request, the organisation will tell the individual:
- whether or not their data is processed and if so why, the categories of personal data concerned and the source of the data if it is not collected from the individual;
• to whom their data is or may be disclosed, including to recipients located outside the European Economic Area (EEA) and the safeguards that apply to such transfers;
• for how long their personal data is stored (or how that period is decided);
• their rights to rectification or erasure of data, or to restrict or object to processing;
• their right to complain to the Information Commissioner if they think the organisation has failed to comply with their data protection rights; and
• whether or not the organisation carries out automated decision-making and the logic involved in any such decision-making.
We will also provide the individual with a copy of the personal data undergoing processing. This will normally be in electronic form if the individual has made a request electronically, unless they agree otherwise.
To make a subject access request, the individual should send the request to firstname.lastname@example.org requesting for, specifically a subject access request. In some cases, the organisation may need to ask for proof of identification before the request can be processed. We will inform the individual if it needs to verify their identity and the documents required.
We will normally respond to a request within a period of one month from the date it is received. In some cases, such as where the company processes large amounts of the individual’s data, we may respond within three months of the date the request is received. The organisation will write to the individual within one month of receiving the original request to tell them if this is the case.
If a subject access request is manifestly unfounded or excessive, we are not obliged to comply with it. Alternatively, we can agree to respond but will charge a fee, which will be based on the administrative cost of responding to the request. A subject access request is likely to be manifestly unfounded or excessive where it repeats a request to which we have already responded. If an individual submits a request that is unfounded or excessive, we will notify them that this is the case and whether or not it will respond to it.
Individuals have a number of other rights in relation to their personal data. They can require the company to:
- rectify inaccurate data;
• stop processing or erase data that is no longer necessary for the purposes of processing;
• stop processing or erase data if the individual’s interests override the organisation’s legitimate grounds for processing data (where the company relies on its legitimate interests as a reason for processing data);
• stop processing or erase data if processing is unlawful; and
• stop processing data for a period if data is inaccurate or if there is a dispute about whether or not the individual’s interests override the organisation’s legitimate grounds for processing data. To ask the company to take any of these steps, the individual should send the request to the email address on our website – email@example.com.
We take the security of personal data seriously. The company has internal policies and controls in place to protect personal data against loss, accidental destruction, misuse or disclosure, and to ensure that data is not accessed, except by employees in the proper performance of their duties.
If the company discovers that there has been a breach of personal data that poses a risk to the rights and freedoms of individuals, it will report it to the Information Commissioner (ICO) within 72 hours of discovery. The organisation will record all data breaches regardless of their effect.
Individuals are responsible for helping the company keep their personal data up to date. Individuals should let the company know if data provided to the company changes, for example if an individual moves house or changes their bank details.
Individuals may have access to the personal data of other individuals [and of our customers and clients] in the course of their [employment / contract]. Where this is the case, the organisation relies on individuals to help meet its data protection obligations to staff [and to customers and clients].
Individuals who have access to personal data are required:
- to access only data that they have authority to access and only for authorised purposes;
• not to disclose data except to individuals (whether inside or outside the company) who have appropriate authorisation;
• to keep data secure (for example by complying with rules on access to premises, computer access, including password protection, and secure file storage and destruction);
• not to remove personal data, or devices containing or that can be used to access personal data, from the company’s premises without adopting appropriate security measures (such as encryption or password protection) to secure the data and the device;
• not to store personal data on local drives or on personal devices that are used for work purposes; and
• to report data breaches of which they become aware to the Data Privacy Officer firstname.lastname@example.org immediately.
Failing to observe these requirements may amount to a disciplinary offence, which will be dealt with under the company’s disciplinary procedure. Significant or deliberate breaches of this policy, such as accessing employee or customer data without authorisation or a legitimate reason to do so, may constitute gross misconduct and could lead to dismissal without notice.
Cookies are small text files that are placed on to your computer by websites that you visit. They are used to make websites work, to improve efficiency of websites, to improve the user’s experience and to provide usage information on websites. This information should make your website visits more productive by storing and using information on your website preferences and habits.
Your web browser can choose whether or not to accept cookies. Most web browser software is initially set up to accept them. For more information on how to control cookies, check your browser or device’s settings for how you can control or reject cookies, or visit the following links:
Microsoft Internet Explorer
Iphone or Ipad (Chrome)
Iphone or Ipad (Safari)
In addition, you may opt-out of some third-party cookies through the Network Advertising Initiative’s Opt-Out Tool.
By continuing to use this site, you are accepting our use of these cookies that help us to improve the site.
If you have any questions relating to this policy please contact email@example.com.
Linking to other websites / third party content
- The content of the pages of this website is for your general information and use only. It is subject to change without prior notice.
• Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
• This website contains material which is owned by us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited.
• This website contains material provided by third parties which form the basis of our client showreels and visual content. This material is provided for your convenience to give further information. We accept no liability for any claims associated to this material on the website.
• Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
• This website may also include links to other websites. These links are provided for your convenience to give further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
• Every effort is made to keep the website up and running smoothly. However, we take no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
• Your use of this website and any dispute arising out of such use of the website is subject to the laws of England and Wales.
How to contact us
If you have any questions relating to this policy, please email firstname.lastname@example.org