1. Introduction
This policy outlines Audiama’s commitment to managing and safeguarding data in compliance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
2. Purpose
This policy provides guidelines on collecting, processing, storing and deleting personal data, ensuring the rights of individuals are upheld and their data is protected against unauthorized access, loss, or damage.
3. Scope
This policy applies to all employees, freelancers, contractors and collaborators of Audiama Productions Limited. All parties must adhere to the policy when handling personal data associated with our company’s operations, including but not limited to client and customer information, audience demographics and employee records.
4. Definitions
4.1 Personal Data:
Any information related to an identified or identifiable natural person.
4.2 Processing:
Any operation performed on personal data, such as collection, recording, storage, alteration, or deletion.
5. Principles
We adhere to the following principles:
5.1 Lawfulness, Fairness and Transparency:
Data will be processed lawfully, fairly and transparently.
5.2 Purpose Limitation:
Data will only be collected for specific, explicit and legitimate purposes.
5.3 Data Minimization:
Only necessary data will be collected and processed.
5.4 Accuracy:
Data will be accurate and kept up to date.
5.5 Storage Limitation:
Data will not be stored longer than necessary.
5.6 Integrity and Confidentiality:
Data will be processed securely, ensuring protection against unauthorized access, loss, or damage.
6. Data Collection and Usage
6.1 Consent:
We only collect personal data with clear consent. Individuals have the right to withdraw consent at any time.
6.2 Purpose:
Personal data is collected primarily for business operations, audience engagement, marketing and regulatory compliance.
6.3 Children:
Audiama Productions Limited does not knowingly collect data from children under 16 without parental or guardian consent.
7. Data Access and Sharing
7.1 Internal Access:
Access to personal data is restricted to personnel who need the data to fulfil their job responsibilities.
7.2 External Sharing:
We do not share personal data with third parties unless necessary for business operations or if legally required. Any third parties accessing our data will adhere to stringent data protection standards.
8. Data Storage and Security
8.1 Storage:
Data is stored in secure databases, protected by robust technical measures.
8.2 Security:
Audiama employs firewalls, encryption and secure access controls to safeguard data.
8.3 Breach:
In the event of a data breach, affected parties will be notified as per regulatory requirements and immediate steps will be taken to mitigate the breach.
9. Rights of Individuals
9.1 Access:
Individuals have the right to request access to their personal data.
9.2 Rectification:
Individuals can request corrections to inaccurate or incomplete data.
9.3 Deletion:
In certain circumstances, individuals can request their data be deleted.
9.4 Restriction:
Individuals can request restrictions on data processing.
9.5 Portability:
Individuals have the right to request their data in a structured, commonly used, and machine-readable format.
9.6 Objection:
Individuals have the right to object to data processing, especially for marketing purposes.
10. Data Retention
We retain data for as long as necessary to fulfil the purposes for which it was collected or to comply with legal requirements. After this period, personal data will be securely deleted.
11. Employee Responsibilities
All Audiama employees:
11.1 Must adhere to this policy and associated GDPR guidelines.
11.2 Must attend data protection training sessions.
11.3 Should report any data breaches or concerns to the designated Data Protection Officer.
12. Review and Compliance
12.1 Compliance
Audiama has a designated Data Protection Officer responsible for ensuring compliance with this policy.
12.2 Review
This policy will be reviewed annually or in light of significant operational or legislative changes.
13. Contact and Queries
For queries regarding this policy, data rights, or any related concerns, contact our Data Protection Officer at dpo@audiama.com
14. UK ICO registration
Audiama Productions Limited is registered with the UK Information Commissioner’s Office (ICO) with registration number ZB517747.
Reviewed September 2023