Privacy notice for website visitors
School of Beatbox Ltd (the "Company" or "we") is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.
This notice applies to individuals who visit and use our website. We may update this notice at any time.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
We will comply with data protection law. This says that the personal information we hold about you must be:
1. used lawfully, fairly and in a transparent way;
2. collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
3. relevant to the purposes we have told you about and limited only to those purposes;
4. accurate and kept up-to-date;
5. kept only as long as necessary for the purposes we have told you about; and
6. kept securely.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
There are “special categories” of more sensitive personal data which require a higher level of protection.
We may collect, store, and use the following categories of personal information about you:
Particularly Sensitive Information
We do not envisage that we would process any particularly sensitive information relating to you.
We may obtain personal data from you through your visits to and use of our website.
We collect, process, and otherwise use your personal data for purposes (a) that are required by applicable law, regulations or other contracts, (b) to allow us to fulfil our business needs and legal obligations; (c) for our business marketing purposes; and (d) to establish, perform or terminate the business relationship with you.
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
If you fail to provide certain information when requested, we may not be able to perform any contract or other arrangement we have entered into with you and we may not be able to provide any services to you, or we may be prevented from complying with our legal obligations.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We do not envisage undertaking any automated decision-making in relation to you or your personal data.
Your personal data will be disclosed within the Company only to those individuals who need access to your personal data to perform their duties for the purposes listed in section 4 above or where required or permitted by applicable law.
We may also disclose your personal data to third parties providing information technology support or technical and organizational services in connection with our business-related activities or legal, audit or other advisors to us for the purposes referred to in this notice. We will exercise appropriate due diligence in the selection of third-party service providers, and require that such providers maintain adequate technical and organisational security measures to safeguard your personal data, and to process your personal data only as instructed by us and for no other purposes.
We may also disclose your personal data to governmental authorities as required or permitted by law; consultants in connection with extraordinary business operations (e.g., mergers, acquisitions and the like); to business partners, agents and customers; external consultants and professionals; and courts. Your personal data will be disclosed to such third parties only as necessary in connection with the performance of contracts, our business activities and the purposes listed in section 4 above, as permitted by consent or as otherwise authorised, required or permitted by law.
Our contractual and legal obligations as well as our legitimate business interests under applicable data privacy laws form the legal basis of the processing described in this notice. Our legitimate interests or those of a third party include our requirements to use your personal data in litigation or for other legal purposes involving the Company and may also include the need to transfer your personal data to third countries without adequate data protection laws. In this event, we will take reasonable steps to protect your personal data as required by applicable data privacy laws.
We have put in place measures to protect the security of your information. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We intend to keep your personal data accurate and up-to-date. We will also strive to retain your personal data no longer than is necessary to carry out the purposes listed in this notice or than is required by law. We shall retain your personal data for up to three years following the end of our business relationship in accordance with applicable law.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Under certain circumstances, by law you have the right to:
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact a director in writing.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
If you have any questions about this privacy notice, please contact firstname.lastname@example.org.