Data Protection Statement
Here at Take 1 we take protection of personal data of customers, employees and suppliers seriously. As General Data Protection Regulation (GDPR) and the new draft UK Data Protection Act has now been implemented, Take 1 Script Services Ltd. would like to take this opportunity to let our customers know how we are processing personal data.
Our core service offerings involve transcription, translation and processing of audiovisual and document assets on behalf of our customers, some of which include raw documentary/interview footage across varying subject matter, possibly including GDPR-defined ‘special categories’ of personal data.
By sending Take 1 any source assets for working on, customers (as Data Controllers) are confirming that their organisation, and any contributors or participants in the content have provided consent for processing of such information by Take 1.
In addition to the source assets Take 1 are provided to perform services, Take 1 also receive personally identifiable information (PII) from our customer contacts in order to provide our services, for example name, work address, email address and telephone number.
Under article 6(1)(f) of the GDPR we process personal information for our legitimate business interests. “Legitimate Interests” in our case means the use of contact details provided by our customers in order to process and deliver orders and communicate regarding matters during the lifetime of an order. We are amending our service ordering process to include the ability for customers to provide us explicit consent for such activities which is an additional basis for processing under article 6(1)(a) of the GDPR.
In order to protect the personal data, source content and derived content of our customers, employees and suppliers, we operate a risk-based information security management system based on industry best practice guidelines. If you want more information on any of our security controls, please get in touch with your Take 1 contact.
Now that GDPR and the new Data Protection Act have become law, we have taken the view that we should obtain explicit consent for email marketing, which is also likely to be required when the UK email marketing legislation known as PECR is replaced in 2019 by the proposed new draft EU privacy regulation. We have actively contacted our EU based customers in order to ask for consent for hearing about our products, services and offers – as we have lots of exciting things coming up that we want to shout about!
If you have any queries or concerns about any aspect regarding the processing of your personal information or source content, please contact our Data Protection Officer.
Data Protection Officer: firstname.lastname@example.org
Data Controller: Take 1 Script Services Ltd.
Data Processing Agency: Take 1 Script Services Ltd.