We are Midnightsabers. Our contact and other details are set out at the end of this policy. We are the data controller in relation to the personal data processed in accordance with this policy (except where this policy explains otherwise).
We collect and process personal data as follows:
If you make enquiries:
We may collect your individual contact information to enable us to communicate with you in relation to the provision of goods and/or services by us and other personal information relating to you to in the course of providing the services concerned.
If you prchase goods or services from us:
We may collect relevant personal information relating to you to the extent necessary to enable that work to take place, such as name, address, email, telephone number.
If you are a public official, otherwise act in an official capacity, work for a public body, are a journalist or otherwise involved in the media and we need to contact you in the course of providing public relations or related services:
We will collect your contact details to enable us to communicate with you on behalf of or in relation to our services.
If you browse our website:
We may collect information on your visits to our website and how you move around different sections of our website for analytics purposes to understand how people use our website so that we can make it more intuitive.
If we wish to send you advertising, marketing or promotional material:
We may collect your individual contact details in order to send you direct marketing material to advertise, market or promote our services (either to you or the person that you work for, as appropriate).
We may combine this with other information we obtain about the things you are interested in and that are relevant to the services provided by us to help us ensure that material we send you is relevant to what you are interested in.
If you are a customer or other contact of any of our clients:
If requested to do so by a client, we may collect your individual contact information or other information relevant to your dealings with, or of other relevance to, our clients (for example, goods or services that you have obtained from our client or relevant social media interaction relevant to our client) for the purpose of contacting you on our client’s behalf. In doing this, we will normally be acting as a data processor on behalf of the relevant client, and any processing of your personal data by us will be solely
in accordance with our client’s instructions and under our client’s control.
We normally process personal data only in the UK. Where necessary, in order to provide our services (for example, when providing services in relation to an international campaign) we may share relevant personal data with our associated companies outside the UK, but only to the extent necessary to provide the services concerned. Where personal data is transferred in relation to providing our services we will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards.
All personal data processed by us is stored securely, the level of security being appropriate to the nature of the data concerned. Any payment transactions
administered by us will be encrypted using appropriate technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website or systems, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We will use appropriate procedures and security features to try to prevent any unauthorised access to your information.
We may where appropriate share your personal data with:
• Any member of our staff, as necessary.
• Appropriate third parties including: our business partners, customers, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the person that you work for;
• the media, where you are participating in advertising or other marketing or promotion that is intended to be publicly disseminated;
• our auditors, legal advisors and other professional advisors or service providers;
• credit or other similar reference agencies for assessing your suitability or ability where this is in the context of us entering (or proposing to enter) into a contract with you or the person that you work for.
We may disclose your personal data to third parties:
• If all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or to protect the rights, property, or safety of our business, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of child protection, fraud protection, or credit risk reduction.
The legal basis on which we process your personal data is as follows:
• Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it, we will obtain and rely on your consent in relation to the processing concerned (in relation to any processing we are carrying out with your consent, see below for how to withdraw your consent).
• Otherwise, we will process your personal data where the processing is necessary:
• for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
• for compliance with a legal obligation to which we are a subject; or
• for the purposes of the legitimate interests pursued by us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data.
We process personal data only for so long as is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose.
You have the following rights in relation to personal data relating to you that we process:
• You may request access to the personal data concerned.
• You may request that incorrect personal data that we are processing be rectified.
• In certain circumstances (normally where it is no longer necessary for us to continue to process it), you may be entitled to request that we erase the personal data concerned.
• Where we are processing your personal data based on our legitimate interests, you may in certain circumstances have a right to object to that processing.
• Where we are processing personal data relating to you with your prior consent to that processing, you may withdraw your consent, after which we shall stop the processing concerned. To exercise any of your rights (including withdrawing relevant consents or obtaining access to your personal data), you should contact us as set out below. If you have a complaint about any processing of your personal data being conducted by us, you can contact us as set out below or lodge a formal compliant with the Information
The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal
data, as well as deal with any complaints that you have about our processing of your personal data.
Our contact details are: 54 Mayfield Crescent, Brighton, East Sussex, BN1 8HQ.
Contact: The Data Protection Officer Email: email@example.com
Phone: +44 (0)7971 788 125
This policy was last updated on 2nd March 2021.