Thank you for visiting our website.
Safeguarding the privacy of our web site's visitors is something we take seriously. Not only because we want to. But we also have to :) This policy sets out how we use, store and transfer personal data in plain English.
We have an obligation to make sure your personal data is protected.
Apart from something delicious to eat with elevenses, a cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. A ‘persistent’ cookie will be stored by a web browser and will remain valid until its set expiry date unless deleted by the user before the expiry date; a ‘session’ cookie will expire at the end of the user session when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. Mostly cookies are used so that someone who actually understands how to interpret the data in Google Analytics can interpret it and make some actual sense of it so that we can continue to be in business and grow our revenue. This, in turn, allows us to hire more people, put food on all our tables, pay school fees for our kids, enjoy the occasional soccer match and attend the odd gig in the city centre (the one that getting home costs more than the ticket). Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can obtain up-to-date information about blocking and deleting cookies via the support pages made available by your browser operator.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
So what information do we collect about you?
1) We process data about the use of our site by using tools such as Google analytics and even heat maps. This data may include geographical information, what browser you used, how long you lingered on our site, what pages you looked at and what time of day you were looking. This type of data is anonymised by Google so don’t worry - we don’t know who you are or what you did last summer!
2) If you contact us via our website, social media, snail mail or any other way, we store that contact information both for record-keeping and to build up an email/contact list to let you know any news or announcements we have in the future. If you don’t want us clogging up your inbox and contacting you with our newest and cleverest marketing campaign – because let’s face it, there are enough companies doing it both with your permission and without – then you can unsubscribe and tell us to go away. We’re ok with that because the more people we have on our list, the more our email service charges. So if we have to pay, we’d rather pay for people who are interested in what we might have to tell them. It works both ways.
3) The information we keep about you on our system can get a little more detailed when it involves an actual project we are doing for you. It can tie you to a location and to payment details etc. and even to third parties if that is what the project requires. We guard this information carefully, as we do all information, use third party secure payment platforms such as Stripe or Transferwise etc. for international clients and delete the majority of the information when a project is complete and signed off and most importantly, paid for :)
4) If we have received your information from a third party via a referral from a current client who thinks we can help you or by an employer who wishes us to contact you for an interview, we treat it as we do all other data. Here’s the actual jargon in Article 6 of the General Data Protection Regulation that he above explains:
a) For the performance of a contract with you, or to take steps at your request prior to entering into a contract with you (Article 6(1)(b) GDPR). This may be our basis for processing correspondence data, enquiry data, matter data and transaction data;
b) For our legitimate interests (Article 6(1)(f) GDPR). This may be our basis for processing:
i) Correspondence and matter data (as we have an interest in properly administering our business and communications);
ii) Enquiry data (as we have an interest in developing our business with interested parties);
iii) Transaction data (as we have an interest in making and receiving payments promptly and in recovering debts);
iv) Any personal data identified in the other provisions of this Notice where necessary in connection with legal claims (as we have an interest in the protection and assertion of our legal rights, your legal rights and the legal rights of others);
v) Any of the personal data identified in the other provisions of this Notice in connection with backups of any element of our IT systems or databases containing that personal data (as we have an interest in ensuring the resilience of our IT systems and the integrity and recoverability of our data).
In addition to the specific purposes for which we may process your personal data set out above, we may process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject (Article 6(c) GDPR), or in order to protect your vital interests or the vital interests of another individual (Article 6(d) GDPR).
You got ‘em – and here are some of them.
a) Access - the right to know what we know about you and get a copy of it (for a fee)
b) rectification – the right to ask for something to be changed
c) erasure – the right to tell us to dump any information we have about you (unless of course we are suing you or you are suing us)
d) restrict processing – the right to tell us not to do certain things with your information (May not be possible if it has anything to do with a lawsuit – even from a third party).
e) Object to processing – the right to tell us to do nothing with your information (as above).
f) Data portability – the right to take all your data that we have on you and give it to someone else (unless it infringes on the privacy of a third party).
g) Complain to a supervisory authority – the right to contact the Data Commissioner if you think we’re mishandling your data.
Any requests for the above must be submitted to us in writing to:
Data Processing GoodLooking Films
1 Windward Way
When can we share your data with others?
We may disclose your personal data to our insurers and/or professional advisers when it comes time to renew our insurance policy and talk about risk management with professional advisors or legal entities. That might include disclosing personal data (storage servers), data to CRM systems (Mailchimp), transaction data (accountant, Stripe etc.).
Our third party suppliers are not allowed to use any data supplied to them by us for their own marketing purposes. If any part of our business or operations is sold or transferred to, or integrated with, another organisation, your personal data may be disclosed to that organisation.
We have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those officers, employees and freelancers who have a business need to know. They will process your personal data only on our instructions and they are subject to a duty of confidentiality. If we suspect our data has been breached, we will notify you immediately.
This notice may be updated from time to time in accordance with any Data Protection obligations. We assure you that this is akin to pulling teeth for us creative types and will only be modified if we absolutely have to!
Third parties and security
The site contains links to third-party websites. Those links are meant to be helpful – especially in our FAQ section and our Blog and let’s be honest – if those people we link to do us the favour of linking back to us – then everyone is happy as Google thinks we’re all great. You know the saying – Google doesn’t love you until everyone else loves you first! If, however, you follow any of these links and they turn out to have pulled the wool over our eyes and they are not as reputable or honest with their data processing as we are, then I’m afraid that’s on you. It’s your duty to do your own due diligence. Now having said that – we try to make sure we recommend and link to only reputable companies because to do otherwise would negatively affect our ranking on Google, which is not our goal.
Having said all of the above – it is worth mentioning that the internet, by nature, is insecure. We can’t, beyond a shadow of a doubt, guarantee anything with regard to the security of the data we store. There are some very clever and bored hackers out there whose only goal is to cause mischief or be the next Snowdon. However, we don’t believe the data we hold is in that league or even that interesting. All we can say is that we do our best to keep it under virtual lock and key.
How to contact us
1 Windward Way
Tel: 087 3891307
Effective: August 2019