Effective from [August 2022]
This notice explains what personal data we collect about visitors to this website and users of the Fictioneers platform and how we use that personal data. ‘Personal data’ means any information which directly or indirectly identifies you.
If you are a user of a third party mobile app that has been developed using the Fictioneers platform, please see our [User Data Processing Statement].
Who are we?
We are Fictioneers Limited, a company registered in England and Wales under company number 11945003 with its registered office at S4C Media Centre, Ty Glas Business Park, Llanishen, Cardiff CF14 5DU, United Kingdom (Fictioneers).
Fictioneers is registered as a ‘controller’ with the UK Information Commissioner’s Office (ICO) under number ZA765471.
What personal data do we hold about you?
The personal data that we may collect from and about you is limited to:
- any information you provide to us when completing forms on our website
- your user account credentials if you are an authorised user of the Fictioneers platform
- any information obtained through the cookies stored on your device by our website or the Fictioneers platform (see below).
What will we use your personal data for?
We will use personal data collected through forms on our website to respond to your messages and to contact you. We will do this based on our legitimate interests in responding to messages and requests made using such forms.
We will use your account credentials to provide you with access to the Fictioneers platform. We will do this based on our legitimate interests of facilitating access to the Fictioneers platform in accordance with the terms of the agreements with our customers.
We will use information obtained through the cookies stored on your device for the purposes described below. Except for cookies which are strictly necessary for security purposes or to provide functionality that you have requested, we will do this based on your consent (which you may withdraw through the settings in your browser or device).
Who will we share your personal data with?
We will only share your personal data as necessary to provide you with access to our website, to respond to your messages, to send you emails that you have signed up to receive and to provide you with access to the Fictioneers platform, where applicable. In this context “share” does not necessarily mean that we hand over your personal data to someone else, but that they may have access to it. The categories of third parties with whom we share your personal data include:
- The provider that we use to develop and host our website
- The platform that we use to receive and response to customer support requests
- The API provider that we use to deliver transactional emails through our platform
- The platform that we use to track and manage customer relationships
- The platform that we use to collect electronic signatures to our contracts
- The analytics providers that we use to collect analytical data about how our website and our platform are used
- The business tools that we use to send emails and create and share documents.
To access the Fictioneers platform, you will need to have a Google account and will need to authenticate your account details with Google. The only other times when we may need to share your personal data would be:
- to protect or enforce our legal rights or comply with our legal obligations, where we may share your personal data with our legal advisers, the courts, the police or other authorities
- to any potential buyer or seller, in the event that we buy or sell any business or assets.
We will only ever share your personal data where we are happy that your rights will be respected and not adversely affected.
Where will we store your personal data?
Your personal data will be stored by us on servers both inside and outside the United Kingdom and the European Economic Area, in particular, where your personal data are processed by our third party service providers.
In accordance with data protection laws in the UK and the EEA, we ensure that our agreements with third party service providers contain a set of clauses that have been approved by the ICO in the UK and the European Commission in the EEA, as providing an adequate level of protection for personal data. A number of our third party service providers have also adopted a set of binding corporate rules that have been approved by data protection regulators as demonstrating that those providers comply with the requirements of UK and EEA data protection laws.
How will we keep your personal data safe?
Our website uses an encrypted connection (look for the lock or shield in the address bar of your browser) so that no-one can read any of the data sent between your device and the server that hosts our website. We only use technical service providers that provide appropriate security measures to protect your personal data and we have a policy and procedure in place to ensure we can quickly and effectively deal with any security breaches involving your personal data.
How long will we keep your personal data for?
We will keep personal data collected through forms on our website until we have responded to your message. We may then add your details to our customer relationship management (CRM) system, where we will retain your personal data for a period of  years unless you become a customer during that time, in which case we will retain your personal data until you cease to be a customer.
You can withdraw your consent to receive marketing emails from us at any time by clicking the ‘Unsubscribe’ link at the bottom of each email. We will automatically unsubscribe you and delete your details if you have not opened any emails from us for more than  months.
What cookies does our website use?
Our website uses small text files, called cookies, which are stored on your device when you access and use our website. Apart from those cookies that are strictly necessary for us to provide you with access to our website we only store cookies on your device if you have consented to this. To find out more about cookies, how to refuse them and how to change your device’s cookie settings, you should visit the ICO Cookie Guidance.
The cookies we use are as follows:
What are your rights?
You have several rights in relation to the personal data we hold about you, including the right object to receiving emails from us, the right to request a copy of your personal data (commonly known as a ‘subject access request’) and the right to have any inaccurate or incomplete personal data about you corrected. In certain circumstances, you have the right to request deletion of the personal data we hold about you, ask us to restrict how we use it or object to our holding it.
If you are based in the UK, you have the right to complain to the ICO about how we have used your personal data. For further information visit the ICO’s website at: www.ico.org.uk/your-data-matters.
If you are based in the European Economic Area, you have the right to complain to your supervisory authority or the European Data Protection Supervisor about how we have used your personal data.
Will this notice change?
It is likely that we will update this policy as the website develops. We recommend that you check this notice regularly to take note of any changes. If we make any important changes to this policy, we will give you as much notice as possible of this either by email or by flagging this on our website.
What if I have any questions?
If you have any questions, you can contact us via the contact form by selecting ‘Other’ form the drop-down menu.