This privacy notice was last updated on the 25th of May 2018
We will update this Notice from time to time and you should review it whenever you visit our website or before providing us with any personal data about yourself.
Who we are
We are A Current Affair LLP trading as ACA Live. This privacy notice applies to the Company and will be referred to here as ACA Live.
ACA Live are a creative agency delivering memorable experiences that people love, talk about and share. We specialise in the creative delivery of live events across all sectors. For the purpose of the General Data Protection Regulation (Regulation (EU) 2016/679) (“the GDPR”), ACA Live is a data controller in respect of any personal data we collect.
How we collect your personal data
We will only collect and use your personal data where we have legitimate business reasons to do so. We may obtain personal data from you to provide you a service or when we provide a service to one of our institutional clients, when you contact us or visit our offices, including when you call us, get in touch with us via our website, or when you or your organisation correspond with us using any means of communication. This includes personal data provided to us:
- in regard to services we provide;
- when you register to attend an event we are organising for our client;
- when you contact us with a question or enquiry via our website or by calling our office;
- when you provide our staff with business cards or contact details;
- if you deal with us when we are providing services to one of our clients;
- when we receive referrals from other employees, clients or suppliers;
- when you make a complaint;
- when you deal with us in order to provide us with goods or services;
- when you contact us about employment with ACA Live;
- when staff give us your details as an emergency contact; or
- when job applicants give us your details as a referee.
We may also collect your data when we search websites where you have posted your data or where your data has been posted to be found in relation to business opportunities. We will of course let you know at the earliest opportunity when we have gathered your data in this manner.
We may use third party websites to collect your data when registering for an event. We have checked that the websites we use for this purpose have adequate technological and organisational measures to protect your data.
The personal data we collect
We collect personal data in order to provide the best possible service we can or to maintain good relationships. We only collect the data we need and we will ensure we have appropriate physical and technological security measures to protect your personal data.
For clients using our services or suppliers whose services we use, depending on the relevant circumstances and applicable local laws and requirements, we may collect some or all of the following information: name, title, email address, postal address, telephone numbers and other contact numbers, nationality, country of birth, place of birth, proof of identification, passport details, bank details and proof of address. We may also hold extra information that someone in your organisation has chosen to tell us, where we have a good reason to hold it.
For employees or candidates applying for a job with ACA Live, depending on the relevant circumstances and applicable local laws and requirements, we may collect some or all of the following information: name, title, date of birth, gender, marital status, photograph, email address, postal address, telephone numbers, education details, employment history, emergency contacts and details of any dependants, referee details, a copy of your driving licence and/or passport/identity card, tax-related information and physical or mental health details, including disability-related information, and details of any criminal convictions. We may also hold limited health information where you have made us aware or where you have told us to justify an absence.
What we use your information for
ACA Live collects and processes your personal data for legitimate Business Management and Human Resource purposes including:
- administering our clients’ products and services;
- managing the financial relationships with our clients;
- processing transactions;
- processing instructions from clients;
- to make arrangements with third parties when you are attending one of the events we organise on behalf of a client;
- in connection with legal and dispute management;
- for compliance with legal, regulatory and tax reporting obligations;
- releasing your personal information to regulatory or law enforcement agencies, if they require us to do so by law for the prevention, detection and investigation of crimes;
- to market our related products and services directly to you, and advise you of any updates to our services. Where we do so you will be able to unsubscribe at any time from receiving any further communications from us;
- to contact you from time to time for market research purposes. We may contact you by email, phone or mail.
- internal record-keeping;
- to match your skill sets with job vacancies;
- for payroll purposes;
- contacting you in an emergency involving a candidate or member of staff;
- contacting you in order to take up a reference;
- we may use the information to improve our services to you; or
- to fulfil contractual obligations with our clients.
We may use your personal data for these purposes if it is necessary for the formation or performance of a contract, for the fulfilment of statutory or other legal obligations, or where we deem it to be necessary for our legitimate interests or for mutually beneficial legitimate interests. Our legitimate interests are explained a little further down this notice.
Sharing your personal data
Where appropriate and in accordance with local laws and requirements, we may share your personal data with:
- clients when you are attending one of their events;
- third parties when making arrangements for you to attend an event;
- tax, audit, or other authorities, when we consider in good faith that the law or other regulation requires us to share this data;
- third party service providers who perform functions on our behalf (including external consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems); or
- third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place;
We post customer testimonials and comments on our Websites, which may contain Personal Information. We obtain each customer’s consent via email prior to posting identifying information.
If ACA Live acquires, merges with or is acquired by another business or company in the future, (or is in meaningful discussions about such a possibility) we may share your personal data with the other business or company, subject to appropriate assurances as to the protection of your data privacy.
You have individual rights under the GDPR. You can exercise any of these rights by contacting us using our contact details at the end of this notice or by any other means. Your rights are listed and explained below. You have the right to:
- be informed of what we do with your data;
- ask us to share what information we hold about you;
- update your data if you think it’s incorrect or insufficient;
- have your personal data deleted (right to be forgotten);
- ask us to stop processing your data – where consent has been given you can withdraw that consent at any time by contacting us using the details at the bottom of this notice;
- have the personal data you have given us transferred to another company;
- object to us processing your personal data where we do so under legitimate interests;
- ask us to explain and to ask us to stop using automated decision making (a decision made by automated means without any human involvement) and profiling (where we classify you into different groups or sectors, using algorithms and machine-learning to identify links between different behaviours and characteristics to create profiles for individuals).
Transfer of data outside the EU
ACA Live will inform you when we collect data that may be sent outside of EU and to a country without adequacy status. Normally your data will not be transferred to a country or territory outside the EU unless we need to in the performance of our services on behalf of a client. We will only transfer the minimum data required and will make every effort to ensure that an adequate level of protection or the appropriate safeguards are in place to protect your rights and freedoms.
It is our policy only to keep records of your personal data for as long as required under the legal obligations of delivering a service to you, or as required by relevant authorities or other legislation, whichever requirement is longer, after which it will be deleted or destroyed.
If you are a client or a supplier we will, for regulatory reasons (or to settle a dispute), keep your data for six years after the end of each financial year in which you transacted with us.
If you have contacted us via our website, registered in uor web store or sent us an communicated with us in any way and we do not engage in a professional relationship with you, we will destroy your data after two years or sooner.
If you send us your CV we may keep it for a period of one year.
The GDPR states (in Article 6(1)(f)) that we can process your data where it is necessary for the purposes of the legitimate interests pursued by us except where such interests are overridden by your interests or fundamental rights or freedoms.
Our legitimate interests explained – ACA Live think it’s reasonable to expect that if we have had a professional relationship with you or you have contacted us about a job or our professional information has been posted on a professional networking site, or you have been referred to us in a professional capacity, or we have been given your name as an emergency contact or as a referee, you are happy for us to use your personal data to contact you for a relevant reason. If you don’t want any further contact with us you can ask us to stop by contacting us using the details at the end of this Privacy Notice.
Cookies are small text files that are created on your device when you visit our website and we may read these text files to understand more about your on-line interaction with us. We do not store any personal data in our cookies. We use a third party service, Google Analytics, to collect this information and it is only processed in a way which does not identify you. You can use manage cookies via your browser settings or with a plugin for your browser, available here.
We are committed to ensuring that your information is protected. In order to prevent unauthorised access or disclosure, we have put in place technical and organisational measures to safeguard the information we collect. Our servers are secured in our offices or in highly secure locations within the EU.
Links to other websites and social media
Our website contains links to other websites we think may be of interest. We do not have any control over other websites. You should read their Privacy Notice or other such statements to understand how they will collect and process your data.
To exercise any relevant rights, queries or complaints please contact us via a method shown on our web page here or by one of the following means:
By Phone: +44 (0) 20 3875 1100
23 Glenhaven Avenue
If you wish to make a complaint about how we process your data you can contact your local supervisory authority. If you are in the UK your local Supervisory Authority is the Information Commissioners Office (ICO) and their contact details are available on their website at https://ico.org.uk/global/contact-us.
Supervisory Authorities for other countries can be found on the European Commissioners website at https://ec.europa.eu/info/index_en