This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed.
It also explains your rights under the law relating to your personal data.
Creation Digita Media Ltd ("We", "Us", "Our") understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the "GDPR") as 'any information
relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier'.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
The personal data that we use is set out in Part 3, below
In order to provide you with our service and pass your details on to one of our Private Medical Insurance clients so they can contact you by phone and provide you with more information or a quote for Private Medical Insurance. We do not knowingly, deliberately or aim to, collect personal data from children under the age of 18, either for registration or for marketing purposes. If you are 18 or over we may collect some or all of the following personal data (this may vary according to your relationship with us).
We collect your personal data in a number of ways:
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for
our performance of a contract with you, because you have consented to our use of your personal data, or because it is
in our legitimate business interests to use it. We collect for personal information in order to provide you with our
service and pass your details on to one of our Life Insurance clients so they can contact you by phone and provide you
with more information or a quote for Life Insurance. The information we hold is held securely within an encrypted database.
We take the protection of this data very seriously and will only routinely share data via secure systems with relevant
lenders in the interest of clients, to progress and conclude claims. We may, on occasion, also be legally required to
share data with regulatory bodies, including the Ministry of Justice, the Financial Ombudsman Service, the Legal Ombudsman
and the Information Commissioner's Office.
Your personal data may be used for one of the following purposes under a legitimate interest or consent basis. The method of communication will be either by telephone, email, or post. The method of communication will be determined by the consent you have provided.
The legitimate interests can be your interests or our interests. They can include commercial interests, individual interests or broader societal benefits but we need to be able to identify a legitimate interest; show that the processing is necessary to achieve it; and balance it against your interests, rights and freedoms.
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and telephone and text message and post with information, news, and offers on our products and services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you always have the opportunity to opt-out.
We only ever send personal information to 3rd parties where you have given consent to do so. To prevent fraud and to ensure data accuracy it is necessary to submit your information for verification and filtering.
This enables us to provide our services to you, and fulfil our legal obligations. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure servers that are subject to strict security requirements
We will only share some or all of your personal data with select third parties. We share your personal information in order
to provide you with our service and pass your details on to one of our Private Medical Insurance clients so they can
contact you by phone and provide you with more information or a quote for Life Insurance.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party's obligations under the law, as described in Parts 5 and 9.
Under the GDPR, you have the following rights, which we will always work to uphold:
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 14.
Further information about your rights can also be obtained from the Information Commissioner's Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office.
mobile or handheld device (such as smart 'phones or 'tablets'), as you browse our websites. They are used to 'remember'
name, address or other contact details. The cookies stored on your computer or other device when you access our websites
are set by us and other third parties. Cookies may also be set by third parties who we use for marketing. None of these
third parties collect any personal data from which they would be able to identify individual customers.
The main purposes for which cookies are used are:
If you want to disable cookies you need to change your website browser settings to reject cookies. How to do this will depend on the browser you use. In general the site may not operate effectively if cookies are deactivated.
We will only store or transfer your personal data within the European Economic Area (the "EEA"). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law
We will not keep your personal data for any longer than is necessary in light of the reasons for which it was first collected. We will keep your contact details following an enquiry to our website for a period of 6 months. After 6 months your personal information is placed in a suppression file for a further 18 months. We need to do this to ensure you do not receive any further communication from us or from any of our partners if your information has been supplied to them previously and for fraud prevention purposes.
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy
of it (where any such personal data is held). This is known as a "subject access request".
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 14.
To make this as easy as possible for you, a Subject Access Request Form is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.
There is not normally any charge for a subject access request. If your request is 'manifestly unfounded or excessive' (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 28 day's and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request
We are regulated by the Information Commissioner's Office (ICO) in respect of our obligations to protect your data. You have
the right to raise a concern about our use of your data to the ICO, who will investigate this on your behalf. The ICO
will only investigate complaints made within three months of your last contact with us.
You can contact the ICO through their website: https://ico.org.uk or by telephone: 0303 123 1113.
You may download, print extracts and/or make copies of works on this site for your own personal and non-commercial use, providing you acknowledge Creation Digital Media Ltd as the source of the information and include a link to our website.
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change
our business in a way that affects personal data protection.
Any changes will be made available by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes, although anything that will affect you will be communicated directly to you.
· Information About Creation Digital Media Limited
To contact us about anything to do with your personal data and data protection, including to make a subject access request,
please use the details provided below and address this for the attention of the Data Protection Officer.
Creation Digital Media Limited is a Limited Liability Company registered in England under company number 12146045.
Registered address: 2 Frederick Street, London, WC1X 0NF
Email address: firstname.lastname@example.org
Telephone number: 07795 196184