2.Who We Are
Here are the details that the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, known as General Data Protection Regulation (GDPR) says we have to give you as a ‘data controller’:
- Our site address is www.RarelyUnable.com
- My Name is Lauren Barley trading as Rarely Unable
- Our business address is :
PO Box 6945
- You can contact me at + 44 208 144 8083 or by emailing firstname.lastname@example.org for any issue related to the processing of your data.
3.What we may collect
We may collect and process the following personal data about you:
- Contact details which you have provided to us or which we have obtained from public sources or industry contacts together with a record of any correspondence between us;
- Other information you provide to us about you or your business including through the contact form on our website or via social media;
- If you are an artist, details in any form of your career and professional activities such as recordings, touring and live performances which you or your label has provided to us or we have obtained from public sources – including photos, videos and sound recordings;
- If you work at or for a label, details in any form of your activities at or for the label which you or the label have provided to us or we have obtained from public sources
- If you are a journalist, publisher, blogger or other media contact, details in any form of activities you carry out in relation to the artists and labels we represent including articles, blogs, press reports and other media content that you may write or produce;
- Details of your visits to our website and contact with us via social media and the resources you use; and
- Information about your computer (e.g. your IP address, browser, operating system, etc.) for system administration and to report aggregate information about our website and social media presence;
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
- you have given consent to the processing of your personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is necessary to protect the vital interests of you or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
- processing is necessary for the purposes of the legitimate interests pursued by us or by our third party supplier, such as our website host or technology providers, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data.
In most cases we or our third parties will be processing your personal data under basis f) above for the legitimate interest of operating, managing and promoting our business as a provider of PR services to the music and media industry or under basis b) if we have a contract with you personally or basis c) when we need to comply with legal requirements and requests. In rare, emergency situations we may use your data under basis d). In some cases there may be overlap between these different basis. If we rely on consent under basis a) we will inform you specifically when we obtain this and of your ability to withdraw that consent at any time.
All Cookies used by and on our website are used in accordance with current English and EU Cookie Law.
A few of the cookies we use last only for the duration of your web session and expire when you close your browser. Other cookies are used to remember you when you return to the website and will last for longer.
Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can prevent the setting of cookies by adjusting the settings on your browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the site.
Our cookies will be used for:
Essential session management
- creating a specific log-in session for a user of the website in order that the website remembers that a user is logged in and that their page requests are delivered in an effective, secure and consistent manner;recognising when a user of the website has visited before allowing us to identify the number of unique users we receive to the website and make sure we have enough capacity for the number of users that we get;
- recognising if a visitor to the website is registered with us in any way;we may also log information from your computer including the existence of cookies, your IP address and information about your browser program in order to allow us to diagnose problems, administer and track your usage of our website.
- customising elements of the promotional layout and/or content of the pages of the website.
Performance and measurement
- collecting statistical information about how our users use the website so that we can improve the website and learn which parts are most popular to users.
5.How we use what we collect
We use personal data about you to operate and promote our business and in particular to:
- Tell you about our business, our services and our charges including on our website and in social media;
- Carry out our contracts with you;
- Promote you to, and in, all forms of the media if you are an artist we represent or to promote your artists to, and in, all forms of the media if you work in or for a label we represent; and/or
- Provide you with information and other content about the artists and labels we represent that you request – or which we think may interest you – if you are a journalist, publisher, blogger or other media contact.
If you are a journalist, publisher, editor, blogger or other media contact and you do not want to receive our communications about the artists and labels we represent then contact us at any time to opt-out at email@example.com
In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section 5, you can let us know at any time by contacting us at firstname.lastname@example.org, but this may will limit our ability to provide the best possible services to you.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide if you don’t provide your personal data in these cases.
6.Disclosing your information
We may disclose your information in the following cases:
- To the public generally when we include information and other content about you on our website and in social media and also to journalists, publishers, bloggers and other media contacts if you are an artist or you work in or for a label we represent;
- To the artists and the labels we represent if you are a journalist, publisher, blogger or other media contact;
- We can disclose it if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights;
- We can exchange information with financial institutions and professional and legal advisers to protect against fraud or credit risks;
- If we want to sell our business, or our company, we can disclose it to the potential buyer; and/or
We may contract with third parties to supply services to you on our behalf. These may include emails servers and databases, payment processing, search engine facilities, advertising agencies and marketing services providers. In some cases, the third parties may require access to some or all of your data.
Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the GDPR and the law.
6.Transfers outside the European Union (EU)
If you are in the EU, please note that we may need to transfer your data outside of the EU (where data protection law may not provide an equivalent level of protection to the GDPR) in order to provide our PR services in international media based outside the EU including on our or other websites and in social media and therefore this will be necessary for the purposes of our contract with you or a contract from which you benefit or it will be with your consent.
We only keep your personal data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it. In any event, we will conduct an annual review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.
You can ask us not to use your data for marketing. You can do this contacting us at any time at email@example.com.
Under the GDPR, you have the right to:
- request access to, deletion of or correction of, your personal data held by us at no cost to you;
- request that your personal data be transferred to another person (data portability);
- be informed of what data processing is taking place; restrict processing;
- to object to processing of your personal data; and complain to a supervisory authority.
9.Links to other sites
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
NOTICE FOR OUR CLIENTS
When we act as data processors
In cases where we act as a data processor (as defined in the GDPR) on behalf of our label or other client (the Client) under our services agreement with the Client (the Client Agreement) in respect of personal data provided to us by or on behalf of them (the Data), we will comply with the following obligations which shall be deemed incorporated into the Client Agreement:
Subject to the condition that the Client has all necessary and appropriate consents and/or notices in place and is otherwise able to enable lawful transfer of the Data to us for the necessary duration and purposes, we shall in relation to any Data processed by us in connection with the performance of the Client Agreement:
(a) process that Data only on the written and lawful instructions of the Client unless we are required by the laws of any member of the European Union or by the laws of the European Union applicable to us to process Personal Data (Applicable Laws). Where we are relying on laws of a member of the European Union or European Union law as the basis for processing Personal Data, we shall promptly notify the Client of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit us from so notifying the Client;
(b) ensure that we have in place appropriate technical and organisational measures, reviewed and approved by the Client, to protect against unauthorised or unlawful processing of the Data and against accidental loss or destruction of, or damage to, the Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting the Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to the Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it);
(c) ensure that all personnel who have access to and/or process the Data are obliged to keep the Data confidential;
(d) assist the Client, at the Client’s cost, in responding to any request from a data subject (as defined by the GDPR) and in ensuring compliance with its obligations under the Applicable Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(e) notify the Client without undue delay on becoming aware of a Personal Data Breach (as defined by the GDPR);
(f) at the written direction of the Client, delete or return the Data and copies thereof to the Client on termination of the Client Agreement unless required by Applicable Laws to store the Data; and
(g) maintain complete and accurate records and information to demonstrate its compliance with the above (and allow for audits by the Client or the Client’s designated auditor).
The Client authorises us to appoint third-party processors of the Data under the Client Agreement on terms which are substantially similar to those set out here.
In respect of the Data: (a) the scope, nature, purpose and duration of processing; (b) the types of personal data and (c) the categories of data subject; are as set out in, or agreed under, the Client Agreement.