1.3. Set forth below is a description of how we process your personal data, and if you wish to receive additional information on the processing of your personal data, you are welcome to contact us at: firstname.lastname@example.org.
2. PERSONAL DATA WE PROCESS
2.1. Personal data refers to information which, directly or indirectly, may be associated with a living natural person, such as name, personal identity number, IP address, payment details, photos, e-mail addresses, phone number and other contact details etc.
2.2. We process personal data about persons who:
2.2.1. are a customer of CREED;
2.2.2. are a talent engaged by CREED;
2.2.3. are a representative and/or employee of a customer or talent;applies for a job at CREED or enter a business or legal relationship with CREED;
2.2.4. are an employee at CREED;
2.2.5. are otherwise affected by our services; or
2.2.6. receives our newsletters, other communication and/or attend our events.
2.3. We process personal data for the purposes of administrating and performing our services, managing customer and talent relationships, fulfilling our legal obligations, recruiting staff, entering business or legal relationships, improving and marketing our services and sending newsletters.
2.4. The personal data that CREED processes is either provided by you, the company which you represent or by a company which you have engaged, and which uses our services. We may also collect personal data from private and public registers as well as from public authorities.
3. LEGAL BASIS
3.1. We process personal data when necessary to (i) provide our services and fulfill our obligations towards you in accordance with agreements and terms entered into, (ii) communicate with you, (iii) send out newsletters and/or offers about our services, (iv) when we have your consent to process your personal data or (v) when there is another legitimate interest for us to process your personal data. If we process your personal data for any specific purpose which requires your consent under the GDPR, or any other data protection legislation, we will obtain your consent in advance.
3.2. Personal data will always be processed confidentially and protected by appropriate security measures. CREED ensures that companies that process and/or manage personal data on our behalf, uses a high level of security measures in order to protect your personal data.
3.3. We may disclose your personal data to external parties with whom we collaborate e.g. licensors, marketing agencies, e-mail service providers and database and website service providers etc. We may also disclose your personal data when we have a legal obligation to do so, e.g. due to anti-money laundering legislation, tax legislation, court orders or requests from government authorities.
3.4. We may transfer and store personal data in countries outside the EU/EEA in order to perform our services. When CREED transfers personal data to such countries, we will ensure that your personal data is adequately protected through the use of relevant safeguards.
4. STORAGE AND DELETION OF PERSONAL DATA
4.1. Personal data will only be stored for as long as it is necessary in order for us to fulfil the purposes of the processing, or for as long as we are required to store the information according to applicable legislation and relevant guidelines. The personal data is thereafter erased in accordance with our erasure procedure.
4.2. You may unsubscribe from our newsletters or similar communication at any time. In such event we will no longer store or process your personal data for such purposes.
5. YOUR RIGHTS AS A DATA SUBJECT
5.1. CREED is the controller for the processing of your personal data, and as a data subject you have certain rights as regards your personal data. The rights are however not absolute, meaning that there are exceptions to some of the rights where we cannot proceed and fulfill your request.
5.2. As a data subject, you have the following rights:
5.2.1. Right to withdraw your consent – meaning that you have the right to withdraw your consent where CREED process your personal data based on consent;
5.2.2. Right to access – meaning that you have the right to request a confirmation of our processing of your personal data, to receive information about the processing, access the personal data in question, and the right to obtain a copy of your personal data;
5.2.3. Right to rectification – meaning that you have the right to have any incorrect personal data about you as a data subject corrected by us;
5.2.4. Right to erasure – meaning that you have the right to have your personal data erased under certain circumstances. This right is limited, and we may be obligated to save your personal data in accordance with applicable law;
5.2.5. Right to object – meaning that you have the right to object to CREED’S processing of your personal data under certain circumstances;
5.2.6. Right to restricted processing – meaning that you have the right to have CREED restrict the processing of your personal data, but not delete it; and
5.2.7. Right to data portability – meaning that you may request CREED to transfer your personal data to another data controller.
5.3. If you feel that our processing of your personal data does not comply with applicable data protection legislation, you are entitled to lodge a complaint with the Swedish Data Protection Authority (Sw. Datainspektionen).
6. LINKS TO THIRD PARTY SITES
7. AMENDMENTS AND ADDITIONS