The Story Collective

Privacy policy

Privacy Policy

 
 

Who are we?

We are TSC Entertainment, a TV production company and global content studio. Our contact details are set out on our Contact page. 

What does this Policy cover?

This Privacy Policy covers our use of personal data through the website, and generally as part of our business. We are committed to complying with the GDPR (2016), the UK GDPR (2021) and the Data Protection Act (2018) and good business practices. We are both a data controller and a data processor.

This is our privacy policy so please be aware that should you follow a link to another website, you are no longer covered by this policy. It’s a good idea to understand the privacy policy of any website before sharing personal information with it.

What personal data do we collect about you and why?

We collect personal data from the following:

  • Individuals who reach out to us through our website or otherwise. The personal data we process comprises contact details and correspondence and is used for us to respond to the specific query or request.

  • Clients and potential clients and commercial partners including freelancers and contractors. The personal data we process comprises contact details and correspondence. This is used for us to fulfil contracts and engage in business discussions.

  • Individuals who ask about a position with the company in which case we may process CV, interview and sample material, references, and contact details. This is used for us to consider your application for a job or contract with us.

What legal basis do we have for using your information?

Processing of personal data is either necessary for the performance of a contract we have with you (for example we need payment details to pay you) or it is necessary for our legitimate business interests of responding to queries, general correspondence, engaging with clients and potential clients and considering any applications or suitable candidates and contractors. We also hold onto correspondence and information relating to services provided in order to investigate issues or complaints and defend ourselves in relation to legal claims. We don’t generally process special categories personal data (such as health information) but if we do it will be for a specific purpose or unless an exemption applies under data protection rules. 

Data Protection Legislation Requirements

We regularly conduct data flows and a data inventory or data audit which looks at all aspects of the personal data that we process, including the legal basis for processing and any special requirements that the data needs. Any risk assessments (DPIAs) requirements are identified and completed paying particular attention to privacy risks associated with each processing activity: storage, collection, transmission, access and deletion.

We regularly complete Legitimate Interest Assessments to ensure that our marketing activities are considered, appropriate and are in accordance with all relevant legislation.

We will never knowingly collect data from or on children below 13 years old.

How long do we keep your personal data for?

We keep your information only for as long as is necessary for the relevant purpose. For example, if we have a contract with you, this will be for 6.5 years after expiry in order to assist us with any contractual claims. We have a data retention schedule which detail the personal data that we process, how long we keep it for and what happens to it after this period.

Who do we share your personal data with?

We don’t sell personal data. Data may be shared in the following circumstances:

  • With professional advisors;

  • In order to conduct checks on you to verify the information you have provided us with where you are being considered for a position or contract with us;

  • In the event of a sale of the company or its assets;

  • With suppliers but only subject to robust contractual protections;

  • With clients on a need to know basis. 

What happens if you do not provide us with the information we request or ask that we stop processing your information?

If you do not provide the personal data necessary, we may not be able to respond to your query or consider your application or request. 

Do we make automated decisions concerning you?

Automated decisions are those made without human intervention that have a legal effect on you or other similarly significant effect (for example determining whether you are eligible for a job). We do not carry out this type of processing activity. 

Do we use Cookies to collect personal data on you?

TSC Entertainment only uses ‘essential’ or ‘necessary’ cookies which the Squarespace platform requires for proper site operation which is session based and collects no visitor data.

To find out more about managing cookies on popular browsers please visit:

Internet Explorer™ browser:
Click here
Safari™ browser:
Click here
Chrome™ browser:
Click here
Firefox™ browser:
Click here
Opera™ browser:
Click here

To find out more about cookies, including how to see what cookies have been set and how to disable them, please visit www.aboutcookies.org or www.allaboutcookies.org. 

Data Breaches

We have procedures in place to deal with any suspected personal data breach and will notify you and any supervisory body of a breach if we are legally required to.

Do we transfer your data outside Europe?

We may sometimes transfer your personal data to countries outside the UK and European Economic Area, for example if we are using a supplier based elsewhere. The privacy laws in countries outside the European Economic Area and UK may be different from those in your home country. Where we transfer data to a country that has not been deemed to provide adequate data protection standards, we always have security measures and approved European model clauses or other adequate safeguards in place to protect your personal data. 

What rights do you have in relation to the data we hold on you? 

By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country. In the UK this is the Information Commissioner. 

We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for: 

  • baseless or excessive/repeated requests, or 

  • further copies of the same information. 

Alternatively, we may be entitled to refuse to act on the request in some circumstances. Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know. 

Rights: What does this mean?

  1. The right to be informed: You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Policy. 

  2. The right of access: You have the right to obtain access to your information (if we are processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law. 

  3. The right to rectification: You are entitled to have your information corrected if it is inaccurate or incomplete. 

  4. The right to erasure: This is also known as the right to be forgotten and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right, there are exceptions. 

  5. The right to restrict processing: You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future. 

  6. The right to data portability: You have rights to obtain and reuse your personal data for your own purposes across different services. This is not a normal scenario for companies of our nature but if you have any questions you can contact us.  

  7. The right to object to processing: You have the right to object to certain types of processing, including processing for direct marketing or where we are relying on our legitimate interests for processing. 

  8. The right to lodge a complaint: You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. 

  9. The right to withdraw consent: If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes. 

How can you contact us?

If you are unhappy with how we’ve handled your information or have further questions on the processing of your personal data, please contact us using the details on our Contact page.

If you have any concerns about how your data is being used or processed and we have not been able to help you, then you can contact the ICO. Ways to report concerns are detailed on their website:  https://ico.org.uk/concerns/ .