Last updated: April 23, 2020
This policy covers all personal data collected and retained both directly by Fronic Media and on behalf of Fronic Media clients during use of the our services.The Purpose of this policy is to make sure the company complies with all current data protection laws, as well as to ensure sensitive information provided to the company by it’s clients and other 3rd1 parties is protected to the best of our abilities.
As part of this policy Fronic Media is committed to the following:
- Abide by all current data protection laws
- Inform relevant parties within 72 hours of any data breach becoming known to the company
- As far as possible collect only that data which is required to carry out the company’s business and that of its clients
Note that this policy covers the rights of individuals and relates to their personal data that we process.
In many cases Fronic Media will be acting as a data processor on behalf of it’s clients, who will be the data controller, and as such many of the legal rights and obligations relating to your personal data will ultimately lay with that 3rd party data controller.
2. Collecting Data
When collecting personal data that we control we rely on the following legal basis:
Consent: We will specifically ask you if we can use your data, and explain to you how it will be used e.g. promo or news letter opt in consent
Contractual obligations: If we need to use your data in order to carry out business relating to an existing contract or business relationship we have with you e.g. collecting payment details in order to pay artists
Legal Compliance: We may need to collect and pass on certain details to meet legal obligations e.g. your country of residence for tax purposes.
Legitimate interest: In some situations we collect data in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. e.g. storing your IP addresses to prevent fraud
We take the security or all data we hold seriously, the following outlines some of the precautions taken to ensure the security of data held by the company, it is not an exhaustive list:
- All client systems are protected by SSL encryption
- Sensitive data (such as passwords and payment details) stored on Fronic Media servers is encrypted before storage
- Client data will not be transferred to 3rd parties unless prior written consent is given by the client, it is required by law, or is required to undertake business activities as previously agreed with by the client
- Data should only be accessible to those who are authorized to view it, in most cases this is achieved via username and password access restrictions e.g. to databases and client systems.
- All data used as part of the operation of client Fronic Media systems is stored on servers.
4. Your rights
As an individual you have the right to request:
- Access to the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing.
- That we stop any consent-based processing of your personal data after you withdraw that consent.
Note that in many cases Fronic Media will be acting as a data processor on behalf of its clients, who will be the data controller. In these cases while Fronic Media will do it’s best to facilitate the access to as well as removal and correction of your personal data, final legal responsibility for this may lie with the data controller.
Note that in some cases we may be allowed to continue to store and processes your data if we have a legitimate requirement to do so, in such cases we will only keep as much data as is required to carry out those requirements.
Note that even after unsubscribing from some services, we may keep your details on record to enable us to identify past relationships where there is a legitimate interest to do so e.g. if you unsubscribe from a news letter we may store your email address so we know not to read you in future. In these cases you can request full removal of your data (other than where a legitimate requirement to store it remains) by emailing us at firstname.lastname@example.org