1.1 Prodigar takes the privacy and security of your data seriously. Prodigar requires the collection and use of information or ‘data’ to successfully manage our relationship with our clients. We aim to comply with our required legal obligations under the Data Protection Act 2018 (the ‘2018 Act’) and the EU General Data Protection Regulation (‘GDPR’) in respect of data privacy and security. As a result, it is our duty to notify you of the information contained in this policy.
1.2 Prodigar has taken certain actions to ensure the protection and security of your data in accordance with our Data Security Policy.
1.3Prodigar will hold data in accordance with our Data Retention Policy. Data will only be held for as long as necessary for the purposes for which we collected it.
1.4 Prodigar determines the use and function of your personal data. For the purposes of your personal data, Prodigar may be called a ‘data controller’.
1.5 This policy intends to fully comply with the 2018 Act and new GDPR laws. If a conflict arises between this policy and such laws, Prodigar will take all necessary actions to ensure complete compliance.
2. Data Protection Principles
2.1 All Personal data is processed in accordance with these ‘Data Protection Principles.’
All data is:
Gathered and processed only for specifiedand lawful purposes;
Processed respectfully, lawfully and in full transparency
Applied only to what is necessary for the purposes of its collection;
Correct and regularly updated if necessary. Any incorrect data is deleted and/or edited immediately
Never kept longer than necessary for the purposes for which it is processed;
Alwaysprocessed safely and securely.
We are accountable for these principles and must be able to show that we are compliant.
3. How We Define Personal Data
3.1 ‘Personal data’ is information in regards to a person identifiable from that data (a ‘data subject’).
3.3 Prodigar may have been provided personal data from the person directly, or by someone else, such as a former employer.
3.4 We will collect and use the following types of personal data about you:
Any other category of personal data that we may notify you of from time to time.
4. How We Define Processing
4.1 ‘Processing’ means any operation which is performed on personal data such as:
collection, recording, organisation, structuring or storage;
adaption or alteration;
retrieval, consultation or use;
disclosure by transmission, dissemination or otherwise making available;
alignment or combination; and
restriction, destruction or erasure.
This includes processing personal data which forms part of a filing system and any automated processing.
5. How Will We Process Your Personal Data?
5.1 Prodigar will process your personal data (including special categories of personal data) in accordance with our obligations under the 2018 Act.
5.2 We will use your personal data to:
Send you unique and tailored offers
Show you exciting new images
Send information about our agency
Contact you by telephone
Your personal data will be processed for these purposes only with your consent. Prodigar will not use your personal data for an unrelated purpose without first notifying you about it and the legal basis that we intend to rely on for processing it.
6. Sharing Your Personal Data
6.1 Prodigar does not share your personal data with any third party.
7. How do Prodigar Employees Process Personal Data?
7.1 All Prodigar employees are responsible for appropriately and securely collecting and storing data. This is in line with this policy and Prodigar’s Data Security and Data Retention policies.
7.2 Prodigar employees only access personal data to complete work for the agency, and only if they are authorized to do so. Employees only use the data for the specified lawful purpose for which it was obtained.
7.3 Prodigar employees keep all personal data secure and do not share it with unauthorised people.
7.4 Prodigar employees will not make unnecessary copies of personal data and will keep and dispose of any copies in a secure manner.
7.5 All Prodigar employees use strong passwords.
7.6 Prodigar employees do not save any personal data to their own personal computers or other personal devices.
7.7 No personal data is removed from Prodigar’s premises without lawful authorisation.
7.8 Any breach of this policy made by Prodigar employees will result in disciplinary action in accordance with our disciplinary procedure.
8. How We Deal With Data Breaches
8.1 In order to prevent and minimise data breaches we have robust measures in place. However, should a data breach occur, the necessary evidence will be collected regarding the breach. If the breach is likely to result in a risk to the rights and freedoms of individuals then we must also notify the Information Commissioner’s Office within 72 hours.
8.2 If you are aware of a data breach you must contact email@example.com and keep any evidence you have in relation to the breach.
9. Your Data Subject Rights
9.1 You have the right to information about what personal data we process, how and on what basis as set out in this policy.
9.2 You have the right to access your own personal data
9.3 You can correct any inaccuracies in your personal data. To do so you should contact firstname.lastname@example.org
9.4 You have the right to request that we delete any personal data we were not lawfully permitted to process, or that is no longer necessary to be processed for its original collection purpose. To do so you should contact email@example.com
9.5 If you have requested personal data to be corrected or deleted, or are contesting the legality of our processing, you may apply for its use to be restricted while the application is made. To do so you should contact firstname.lastname@example.org
9.6 Any data processing where we are relying on a lawful interest to do so and you believe your rights outweigh our own and you would like us to stop, you have the right to object.
9.7 If there is a data security breach regarding your personal data, you have the right to be notified.
9.8 We will not rely on your consent to process your data in most situations. If we do require consent, you have the right to withhold consent or withdraw later.
9.9 You have the right to complain to the Information Commissioner. You can do this be contacting the Information Commissioner’s Office directly. Full contact details can be found on the Information Commissioner’s Office website (www.ico.org.uk). This website has further information on your rights and our obligations.
You can reach the Prodigar Team by emailing email@example.com, or by telephone at 020 8543 7112, or by post at:
Prodigar Ltd, 88 Clarence Road, Wimbledon London, SW19 8QD England