Privacy Policy

 

  1. Introduction
    1. We, Laura Holmes Production Limited (with ‘we’, ‘our’ or ‘us’ being interpreted accordingly) are committed to protecting your privacy and personal information. Personal information relating to you from which you can be identified that we collect or which you provide is called personal data (‘Personal Data’).
    2. This privacy notice (‘Privacy Notice’) tells you about the Personal Data we collect about our clients and contacts, how we handle or process such Personal Data and who we may share it with. This Privacy Notice also provides information on your legal rights in relation to your Personal Data.
  2. Changes to this Privacy Notice
    1. From time to time we may change the way we use your Personal Data and amend this Privacy Notice. Please check that you have seen the latest version.
    2. If the changes to this Privacy Notice are significant we may inform you by email or other communication.
  3. Our legal obligations regarding your Personal Data
    1. We collect and process your Personal Data in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) (‘GDPR’) and the UK Data Protection Act 2018 (‘DPA’) together with other applicable UK and EU laws that regulate the collection, processing and privacy of your Personal Data (together, ‘Data Protection Law’).
  4. What Personal Data do we collect and use?
    1. The Personal Data about you that we collect and use may include the following: your name, address, phone number, email address and other contact details; your job role; photos of you; information relating to your work or career experience; invoicing or payment details; information regarding your travel arrangements; information regarding your food and drink preferences; information regarding your personal and professional interests; records of our interactions and relationship with you; and opinions about you, as well as any other Personal Data that you may provide to us from time to time.
    2. Please also note that some of the Personal Data you supply and that we process may include what is known as ‘sensitive’ data about you, for example, information indicating your racial or ethnic origin or religious beliefs, political opinion, sexual orientation, any information regarding criminal records or concerning your health.
  5. How your Personal Data is collected
    1. We collect Personal Data about you in various ways as follows:
      (a) directly from you through your relationship and communications with us with us, for example, during contact by email or phone as we plan a shoot, or during face to face exchanges during a shoot;
      (b) directly from a third party e.g. from your employer or your agent;
      (c) from your profiles on social media or professional networking platforms e.g. Instagram or LinkedIn;
      (d) our CCTV and access control systems if you visit our office.
  6. Information about third parties
    1. Please ensure that any Personal Data you supply to us which relates to third party individuals is provided to us with their knowledge of our proposed use of their Personal Data.
  7. The lawful grounds on which we collect and process your Personal Data
    1. We process your Personal Data for the reasons set out in this Privacy Notice relying on one or more of the following lawful grounds:
      (a) where you have freely provided your specific, informed and unambiguous consent for particular purposes;
      (b) where we agree to provide services to you, in order to take any pre-contract steps at your request and/or to perform our contractual obligations to you;
      (c) where we need to use your Personal Data for legitimate purposes relevant to us being able to operate, administrate, market and keep records of our business activities. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your other legal rights and freedoms and, in particular, your right of privacy;
      (d) where we need to protect your vital interests or those of someone else (such as in a medical emergency); and/or
      (e) where we need to collect, process or hold your Personal Data to comply with a legal obligation.
    2. If we process sensitive data as referred to under paragraph 4.2 we will only do this with your explicit consent, where needed to comply with applicable social security or social protection laws, to protect your vital interests (or those of someone else) in an emergency, where you have already publicised such information or, where we need to use such sensitive data in connection with a legal claim that we have or may be subject to.
  8. What we use your Personal Data for
    Other than as stated above, we may use your Personal Data for one or more of the following purposes:
    (a) To provide our services: to communicate with you regarding our plans, activities and invoicing, to make arrangements on your instructions or on your behalf, and to keep records of the services provided and the connected documentation.
    (b) Operational purposes: to continue to operate our business, improving efficiency, training and quality control, staff and resource planning and administration, as far as possible ensuring our sets are safe, practical and pleasant for all everyone involved, ensuring that our internal policies and procedures are being adhered to, and keeping records of our activities and all transactions.
    (c) Keeping in touch: we may contact you from time to time regarding potential further opportunities to work together.
    (d) For any other purpose required by applicable law, regulation, the order of any court or regulatory authority: this may include processing in order to ensure safe working practices and to ensure that records of transactions are retained.
    (e) To enforce and/or defend any of our legal claims or rights.
  9. Disclosing your Personal Data to third parties
    1. We may need to disclose your Personal Data to certain third party organisations who are handling that data only on our behalf and in accordance with our instructions under contract (called ‘data processors’) in the following circumstances:
      (a) companies that act as our service providers (e.g. IT suppliers or data hosting companies), insurers or professional advisers; and
      (b) companies or individuals who assist us in providing services you have requested or which you have agreed to assist us to provide (e.g. photographers, venue providers, talent agents).
    2. We only allow these data processors to handle your Personal Data if we are satisfied they take appropriate measures to protect your Personal Data. We also impose contractual obligations on service providers relating to ensure they can only use your Personal Data to provide services to us and to you.
    3. We may also disclose your Personal Data to third parties who make their own determination as to how they process your Personal Data and for what purpose(s) (called ‘data controllers’), such as any agent or bank you ask us to disclose or share your Personal Data with. These third party data controllers external to us and will handle your Personal Data in accordance with their own chosen procedures and you should check the relevant privacy policies of these companies or organisations to understand how they may use your Personal Data. Since these controller organisations are acting outside of our control, we have no responsibility for their data processing practices.
    4. Other than as described above, we will treat your Personal Data as private and will not disclose your Personal Data to third parties without you knowing about it. The exceptions are:
      (a) in relation to legal proceedings or where we are legally required to do so and cannot tell you;
      (b) in the context of the possible sale or restructuring of the business. In this situation we will, so far as possible, share anonymised data with other parties before the transaction completes. Once the transaction is completed, we will share your Personal Data with the other parties if and to the extent required under the terms of the transaction.
    5. In all cases we always aim to ensure that your Personal Data is only used by third parties for lawful purposes and in compliance applicable Data Protection Law.
  10. International transfers
    1. To deliver our services, it is sometimes necessary for us to share your Personal Data outside the European Economic Area (EEA), e.g. with your and our service providers located outside the EEA, if you are based outside the EEA or where there is an international dimension to the services we are providing.
    2. Where this means that we may need to transfer your Personal Data to a territory whose laws are currently not considered to meet the same legal standards of protection for Personal Data as set out under Data Protection Law, in order to safeguard your Personal Data, we only conduct such a transfer under a contract or another appropriate mechanism which is authorised under Data Protection Law. This is to make sure that your Personal Data is safeguarded in accordance with the same legal standards that apply to us in the United Kingdom.
  11. How long we retain your Personal Data for
    1. We only retain Personal Data identifying you for as long as you have a relationship with us; or as necessary to perform our obligations to you (or to enforce or defend contract claims); or as is required by applicable law.
    2. We have a data retention policy that sets out the different periods we retain data for in respect of relevant purposes in accordance with our duties under Data Protection Law. The criteria we use for determining these retention periods is based on various legislative requirements; the purpose for which we hold data; and guidance issued by relevant regulatory authorities including but not limited to the UK Information Commissioner’s Office (ICO).
    3. Personal Data we no longer need is securely disposed of and/or anonymised so you can no longer be identified from it.
  12. Security that we use to protect Personal Data
    1. We employ appropriate technical and organisational security measures to protect your Personal Data from being accessed by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.
    2. We also endeavour to take all reasonable steps to protect Personal Data from external threats such as malicious software or hacking. However, please be aware that there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of all data sent to us (including Personal Data).
  13. Your personal data rights
    1. In accordance with your legal rights under applicable law, you have a ‘subject access request’ right under which can request information about the Personal Data that we hold about you, what we use that Personal Data for and who it may be disclosed to as well as certain other information. Usually we will have a month to respond to such as subject access request. We reserve the right to verify your identity if you make such a subject access request and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests for access. We may also require further information to locate the specific information you seek before we can respond in full and apply certain legal exemptions when responding to your request.
    2. Under Data Protection Law you also have the following rights, which are exercisable by making a request to us in writing:
      (a) that we correct Personal Data that we hold about you which is inaccurate or incomplete;
      (b) that we erase your Personal Data without undue delay if we no longer need to hold or process it;
      (c) to object to any automated processing (if applicable) that we carry out in relation to your Personal Data, for example if we conduct any automated credit scoring;
      (d) to object to our use of your Personal Data for direct marketing;
      (e) to object and/or to restrict the use of your Personal Data for purpose other than those set out above unless we have a legitimate reason for continuing to use it; or
      (f) that we transfer Personal Data to another party where the Personal Data has been collected with your consent or is being used to perform contact with you and is being carried out by automated means.
    3. All of these requests may be forwarded on to a third party provider who is involved in the processing of your Personal Data on our behalf.
    4. If you would like to exercise any of the rights set out above, please contact us at the address below.
    5. If you make a request and are not satisfied with our response, or believe that we are illegally processing your Personal Data, you have the right to complain to the Information Commissioner’s Office (ICO) – see https://ico.org.uk/ or telephone 0303 123 1113.
  14. Contact
    If you have any queries regarding this Privacy Notice or wish to make a further request relating to how we use your Personal Data as described above, please contact:
    Name: Sarah Carpenter
    Telephone: +44 (0) 20 7148 0757
    Email: officemanager@holmesproduction.com

Last updated: 2023