Scrooge and Marley London Limited (SMLL, us, we) is committed to protecting and respecting your privacy. When you or your professional advisors supply SMLL with your information, we take appropriate steps to ensure it is treated securely. This Policy is in line with the new General Data Protection Regulation (GDPR), which came into effect on 25th May 2018.
This Policy may periodically change in keeping with the European-wide law. If and when any changes are required, you will be notified by email if we are required to do so by statute. Otherwise, we reserve the right to change this policy from time to time and you may request a copy of the then-current policy by contacting us at any point.
Any questions regarding the Policy and SMLL privacy practices can be sent by email to email@example.com.
This Policy clarifies why we collect information and explains how we use it, the conditions under which we may disclose it to others and how it is secured. Scrooge and Marley London Limited (SMLL) is a production company, primarily involved in the production of A Christmas Carol.
SMLL registered business address is 4th Floor, 1 Wardour Street, London, W1D 6PA.
When you agree to conduct business with SMLL we collect information from you or your professional advisors via, email, telephone, written correspondence, verbal and all other methods of communication.
Information we may obtain includes the following:
Please note that we may have more information held on file, if you would like the specific details of what we hold please contact us via firstname.lastname@example.org.
Your information is only used for legitimate business purposes; for us to fulfil the terms of our contractual agreement with you; for us to comply with a legal or regulatory obligation; or where you have otherwise consented to our use of your personal data.
If you or your professional advisors fail to provide the data when requested, we may not be able to perform our contractual obligations and therefore it is important that the data we hold on you is accurate and current and you bear responsibility for updating us of any information we require.
SMLL shall review its retention of such data on a 10 year basis and SMLL shall not sell or rent your information to any third parties.
Disclosure of your personal data
SMLL may pass your information to third party providers including, but not limited to: agents, creative and production team members, sub contactors and other associated organisations for the purposes of providing our services to you.
However, when we use third party service providers, we shall only disclose the information that is essential to deliver our service save as expressly set out in this policy, or as otherwise required or permitted by law.
SMLL shall never release information to non-work related third parties for them to use for their own direct marketing purposes, unless you have explicitly requested SMLL to do so, or unless we are required to do so by law.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Following the termination of any contractual obligations we may bear under our agreement with you, you are permitted to ask us or third parties to stop storing data on you, provided doing so would not be in contravention of any statutory obligation on our (or the third party’s) part.
Non-sensitive details (email addresses etc.) are usually transmitted over the internet and this can never be guaranteed to be 100% secure. Consequently, whilst SMLL makes every endeavour to have the appropriate malware/virus protection installed alongside our IT department, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
SMLL shall continue to make best efforts in ensuring your data is secure on our systems. We limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate business reason to access such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality
Storing your data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
International Data Transfers
Under specific circumstances, you have the right to request:
We reserve the right to charge you a reasonable fee in complying with your request to exercise your rights under this clause.
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests.
As a company we are responsible for meeting the GDPR obligations and ICO requirements and have all the requisite policies and procedures in place to adopt ‘best practice’ in our commitment to implementing GDPR.
This policy was reviewed January 2020.