References to the processing of information includes the collection, use, storage and protection of data. Grain is the trading name of Grainpost Limited (a company registered in England and Wales with registration number 11007342), which is a ‘data controller’ within the meaning of the Data Protections laws for the purposes of this policy, except where stated otherwise where Grain is a ‘data processor’. This policy extends to those working for and on behalf of Grain and, to the extent set out below, anyone else processing data on our behalf from time to time.
Organisations are permitted to process data if they have one or more legal bases for doing so. Grain processes data on the basis that:
If and to the extent that Grain is relying on solely consent as the basis for processing data, we are required to obtain your explicit consent and you can modify or withdraw this consent at any time by notifying us in writing, although this may affect the extent to which Grain is able to provide services to or interact with you in future.
We may change this policy from time to time and any such changes will be published online at www.grainpost.com. Notwithstanding any change to this policy, we will continue to process your personal data in accordance with your rights and our obligations in law.
This policy is effective from 22 January 2019.
We collect the data necessary for Grain to pursue its legitimate commercial objectives as a post-production studio including, in that connection, maintaining a working archive for ongoing reference by clients and to promote our business to past, current and future potential clients and others. Data collected and processed may include, but not be limited to:
Such information may be collected when you provide it directly or indirectly to us by contacting us through our website or otherwise, or when information about you is disclosed to us by a third party. In such cases, Grain is a data processor acting on behalf of that third party as a data controller and we only process such data on the understanding that those disclosing it to us have the requisite legal authority to do so and have informed data subjects of their legal rights.
We process your personal data in order to pursue our legitimate commercial objectives, as stated above, and in particular for the following purposes:
Data processed will be retained only for as long as is reasonable and permissible in law. Accordingly, the periods for which we retain data will vary depending on the purposes for which it was collected and relevant statutory or other requirements.
You, as the data subject, may request deletion of your data at any time in writing, subject to any overriding legal requirement for its retention, such as the need, where appropriate, to comply with the requirements of Her Majesty’s Revenue and Customs or other regulatory authorities, or to prevent the commission of or assist in the investigation of an actual or suspected criminal offence, safeguarding incident or civil proceedings. We may keep certain data on a ‘suppression list’ so we know, if requested, not to contact you or process your data in future until further notice.
You may request details of personal information which we hold about you. Any such request must be submitted in writing and we reserve the right to seek verification of the identity of persons making such requests before we respond, which we much do within 30 days. A small fee may be payable if an information request is particularly onerous.
You may choose to restrict the collection or use of your personal information, but this may impact or limit the way in which we are able to interact with you. You may, at any time, change your mind about what information we hold about you, or if we continue to hold it at all, subject to any legal obligation on us to retain data, and as stated above.
You are responsible for the accuracy of data you have provided to Grain. If you believe that any information we are holding about you or someone else is incorrect or incomplete, please write to us as soon as possible. We will promptly correct any information found to be incorrect.
In the unlikely event that there is any kind of a breach of our duties and obligations under this policy or the Data Protections laws, we will take immediate steps to isolate and rectify the problem. Should the breach be serious one (where there is a risk of, for example, discrimination, damage to reputation, financial loss or loss of confidential information) we have a duty to report that matter to the individuals affected and to the Office of the Information Commissioner.
You can obtain further information about Data Protection and privacy laws and your rights by visiting the Information Commissioner’s website at: https://ico.org.uk/for-thepublic.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure,we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the data we process. Persons processing data for or on behalf of Grain do so in accordance with this policy and on the basis that Grain is satisfied that they can and will adhere to our high standards for data protection and security.
The transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. Please note that, unless encrypted, email messages sent via the internet may not be secure and could be intercepted and read by someone else. Please bear this in mind when deciding whether to include personal or sensitive information in any email messages you send to us.
Traffic log cookies may be used to identify which pages are being used. This helps analyse data about web page traffic and improve a website to tailor it to users’ needs. Information is only used for statistical analysis purposes and then the data is removed from the system. We may also collect and store information about your browsing device, including, where available, your IP address, operating system and browser type, together with certain anonymous statistical data about your browsing activities and patterns which does not contain any personal data. A cookie in no way gives access to your computer or any information about you, other than the data you choose to share.
However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.