Privacy Policy

1. INTRODUCTION

1.1. This Privacy Notice sets out the ways in which Creative Roots Studio Ltd (we, us, our), collect and use your personal data (your personal information) in connection with our business. It also explains the rights you have to access or change your personal data.

1.2. Creative Roots Studio Ltd takes your privacy seriously. We are committed to protecting and respecting your privacy. Everyone has rights with regard to the way in which their personal information is handled. During the course of our activities we will collect, store and process personal information about our customers, suppliers and other third parties, and we recognise that the correct and lawful treatment of this data will maintain confidence in the organisation and will provide for successful business operations.

1.3. Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13. If you are under the age of 13, please do not access our website at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 13.

2. ABOUT US

2.1. Creative Roots Studio is a creative studio, agency and coaching business with the following website: www.creativerootsstudio.com.

2.2. Creative Roots Studio is the trading name of Creative Roots Studio Ltd, which is registered in England (company number 15550802) and registered with the UK’s Information Commissioner’s Office under the Data Protection Act 2018. Our data controllers are Fiz Osborne and Rachael Davis-Featherstone, and we encourage you to get in touch with any questions you may have about Creative Roots Studio.

2.3. You can contact us as follows: Post: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ Email: contact@creativerootsstudio.com Website: www.creativerootsstudio.com

2.4. If you’d like to change your web, contact or marketing preferences, you can do so at any time by emailing us at contact@creativerootsstudio.com to request the necessary amendments.

3. INFORMATION WE MAY COLLECT ABOUT YOU

3.1. Information that you provide to us.

3.1.1. We will collect any information that you provide to us when you:

(a) corresponding with us over the phone, by email, on our website or otherwise;

(b) submit manuscripts and other content to us by post, email or via our website;

(d) submit information for surveys or market research we may conduct, or otherwise providing us with feedback;

(e) submit an enquiry or application to work with or for us;

(f) Meet us at events or elsewhere;

(g) Giving us your business card or other marketing materials;

(h) Receiving your instructions to provide our services, and in the performance of those services;

(i) Subscribing to our services or publications, or otherwise requesting marketing material to be sent to you;

(j) ‘follow’, ‘like’, post to or interact with our social media accounts, including Instagram, LinkedIn and X.

3.1.2. We may also collect personal information from third parties or publicly-available sources, such as:

(a) Your company for which we are providing training or coaching services

(b) Your business colleagues and other contacts

(d) Conducting searches of publicly0available databases or social media sites (Linkedin, Facebook, X)

(e) Analytics providers (such as Google)

3.1.3. The information you provide to us will include (depending on the circumstances):

(a) Identity and contact data: title, names, addresses, email addresses and phone numbers, other contact information, social media identifier;

(b) Financial and contract data: if we represent you, you may also provide us with your bank details, VAT and tax information, immigration and residency information, photographs of you, images and samples of your work, your existing contracts (and related correspondence) with publishers or other licensees of your work or other individuals or companies, contact details of people who you have entrusted to liaise with us on your behalf

(c) Employment and background data: If you are submitting a manuscript for review or a job application, you may also provide additional information about

your academic and work history, qualifications, skills, projects and research that you are involved in, references, proof of your entitlement to work in the UK, your national security number, your date of birth, your passport or other identity document details, your current level of remuneration (including benefits), and any other such similar information that you may provide to us; (d) Transaction data: if you buy any coaching services, you may also provide details about payments to and from you, and other details of services you purchase from us.

(e) Profile data: if you subscribe to our members areas, we may hold data such as your username, password, purchases or orders made by you, your interests, preferences, feedback and survey responses.

(f) Marketing and communications data: such as your communication preferences and in receiving marketing from us.

(g) Performance data: such as performance analytics from tests taken via the coaching hub or feedback given.

3.2. Information we collect about you:

(a) Information contained in correspondence: We will collect any information contained in any correspondence between us. For example, if you contact us by email or telephone, we may keep a record of that correspondence;

(b) Website usage data: We may collect information about your interactions with the website, including information such as login data, IP address, page views, searches, requests, orders, pre-approvals, confirmations, agreements between you and other website users and other actions on the website;

(c) Technical data: including IP addresses, your log-in data, browser type and version, time-zone setting and location. We may also collect certain information about how you use our website and the device that you use to access our website, even where you have not created an account or logged in. This might include your geographical location, device information (such as your hardware model, mobile network, unique device identifiers), the date transmitted by your browser (such as your specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language settings, time zone settings referral source, length of visit to the website, date and time of the request, operating system and interface), number of page views, the search queries you make on the website and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the COOKIES section below.

3.3. Information we receive from third parties

3.3.1. In certain circumstances, we will receive information about you from third parties, such as Identity Data, Contact Data, Document Data relating to business colleagues and other contacts. For example:

(a) Employers and referees: you are a job applicant we may contact your recruiter, current and former employers and/or referees, who may be based inside or outside the EU, to provide information about you and your application;

(b) Publishers and other licensees of your work: If we represent you, you will normally authorise us to receive information about you from your publishers and other licensees such as information about your contracts, performance, royalties and other payments;

(c) Third parties who can verify submitted information: If you submit a manuscript to us for our review, we may use third party providers to verify the information that you provide to us in connection with that submission. For example, we will use third-party databases or websites to confirm your publication history;

(d) Website security: we may collect information from our website security service partners who are based inside or outside the EU, about any misuse of the website, for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful.

3.3.2. We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.

3.3.3. Sometimes third parties may be based outside the EU

3.4. ‘Special category’ data: Due to the nature of the services we provide, you will be asked to provide sensitive personal data, also referred to as special category personal data. Special category personal data includes information relating to your ethnic origin, political opinions, religious beliefs, whether you belong to a trade union, your physical or mental health or condition, sexual life, and whether you have committed a criminal offence. We will only collect your sensitive personal data where we have a legal ground to do so or with your explicit consent.

3.4.1. At no point during the course of providing you with our services, should we need to collect ‘special category’ data, unless the service we are providing, specifically request us to process that data.

3.4.2. During any third party reviews, supplier new client acquisitions or recruitment processes to join Creative Roots Studio, we would not ask to hold any special data.

4. HOW WE USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION

4.1. We will use your information for the purposes listed below either on the basis of:

4.1.1. if you are represented by us, the performance of your contract with us and/ or the provision of our services to you;

4.1.2. your consent (where we request it);

4.1.3. where we need to comply with a legal or regulatory obligation; or

4.1.4. our legitimate interests or those of a third party (see paragraph 4.3 below).

4.2. We use your information for the following purposes:

4.2.1. To provide access to our website: to provide you with access to our website in a manner convenient and optimal and with personalised content relevant to you including sharing your information with our website hosts and developers (on the basis of our legitimate interest to ensure our website is presented in an effective and optimal manner);

4.2.2. Relationship management: to manage our relationship with you, which will including notifying you about changes to our terms of use or privacy policy (on the basis of performing our services for you, to comply with our legal obligations and on the basis of our legitimate interests to keep our records updated and study how our website and services are used);

4.2.3. To conduct business with you: to contact you and manage and facilitate our business relationship with you, including (if we represent you):

(a) the administration of your contract with us including administration of any contracts with third parties when we represent you on such contracts);

(b) recording and processing of payments;

(c) a variety of activities relating to your written or illustrated works such as confidentially sharing with third parties and promotional activities.

4.2.4. Social media interactions: to interact with users on social media platforms including Facebook, LinkedIn, Twitter, Pinterest, Instagram and Google+, for example, responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals)

4.2.5. To send you marketing and promotional communications for Business Purposes and/or with your Consent. We and/or our brand partners may use your personal data for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails (see below for further details).

4.2.6. To facilitate account creation and the log-in process for a members area with your Consent.

4.2.7. User and client support: to deal with enquiries or complaints about the website and share your information with our website developer, IT support provider as necessary to provide support (on the basis of our legitimate interest in providing the correct services to our website users and to comply with our legal obligations);

4.2.8. Recruitment: to process any membership applications you submit to us;

4.2.9. Research: to carry out aggregated and anonymised research about general engagement with our website (on the basis of our legitimate interest in providing the right kinds of services to our website users). We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

4.2.10. Fraud and unlawful activity detection: to protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including identity fraud (where we have a legal obligation to do so);

4.2.11. Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);

4.3. As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to using your information on the basis of our “legitimate interests”, we mean our legitimate interests in conducting and managing our relationship with you, including the legitimate interest we have in:

4.3.1. personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you;

4.3.2. detecting and preventing fraud and operating a safe and lawful business;

4.3.3. improving security and optimisation of our network, sites and services

4.4. Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” below.

5. WHO WE MIGHT SHARE YOUR INFORMATION WITH

5.1. In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as: 5.1.1. Our service providers: third parties we work with to deliver our business (including, for example, hosting or operating the website and our databases and site analytics);

5.1.2. Publishers, licensees, sub-agents, advisors and service companies: if we represent you, any publishers or other licensees of your work (or prospective publishers and licensees) as well as sub or co-agents, advisors (such as your solicitor or accountant) and editorial service providers, where applicable

5.1.3. Prospective sellers and buyers of our business: any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets;

5.1.4. HM Revenue & Customs, the Information Commissioner’s Office other authorities who require reporting of processing activities in certain circumstances;

5.1.5. Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.

5.1.6. We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.

5.2. Consent:

5.2.1. You will be required to give Consent to certain processing activities before we can process your personal data. Where applicable, we will seek Consent from you when you first submit personal data to or through our website and/or services.

5.2.2. If you have previously given your Consent you may freely withdraw such Consent at any time. You can do this by emailing contact@creativerootsstudio.com or, where applicable, clicking the ‘Unsubscribe’ button that appears in mailing list communications.

5.2.3. If you withdraw your Consent, and if we do not have another legal basis for processing your personal data, then we will stop processing your personal data. If we do have another legal basis for processing your personal data, then we may continue to do so subject to your legal rights.

5.2.4. If you have given Consent to marketing we may contact you about our products, services, promotions and special offers. If you no longer wish to receive such personal data, you can withdraw your Consent at any time by sending an email to contact@creativerootsstudio.com or unsubscribing from the communications.

5.2.5. If you have given Consent, we may share your personal data with carefully selected third party organisations and business partners and they may contact you directly. If you would prefer to no longer receive direct marketing communications from third parties and partners after previously giving your Consent, please contact those third parties and partners directly to withdraw the Consent.

6. COOKIES

6.1. We use cookies to ensure that you get the most out of our website. Cookies are small amounts of information in the form of text files which we store on the device you use to access our website. Cookies allow us to monitor your use of the software and simplify your use of the website.

6.2. If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the website.

6.3. The cookies that are used on our website are known as Functional and Required Cookies and Analytics and Performance Cookies and these are the default cookies set by Wix, our website hosting and platform provider. Further details on the cookies used can be found at this page: https://www.wix.com/about/cookie-policy, but our website does not use cookies that are not relevant (for example cookies that involve logging into a website are not used).The names of the cookies used on our website and the purposes for which these cookies are used are set out below:

6.4. Our website may contain content and links to other sites that are operated by third parties that may also operate cookies. We don’t control these third party sites or cookies and this Privacy Notice does not apply to them. Please consult the terms and conditions and Privacy Notice of the relevant third party site to find out how that site collects and uses your information and to establish whether and for what purpose they use cookies.

7. HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR

7.1. We operate a policy of “privacy by design” by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:

7.1.1. ensuring the physical security of our offices, warehouses or other sites;

7.1.2. ensuring the physical and digital security of our equipment and devices by using appropriate password protection;

7.1.3. limiting access to your personal information to those in our company who need to use it in the course of their work.

7.2. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

7.2.1. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

7.2.2. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

8. INTERNATIONAL TRANSFERS OF YOUR INFORMATION

8.1. Our company is located in the UK.

8.2. We will transfer your personal data outside the European Economic Area (EEA) where necessary for us to perform our contract with you such as by way of sharing your personal data with licensees or purchasers of your Work or sub-agents (as applicable and including prospective parties).

8.3. Note that Wix as our website hosting and platform provider may transfer Website Usage Data (as above) out of the EEA in an anonymised, or pseudonymised form for the purposes described above and using a lawful data transfer mechanism that is recognized under EU Data Protection Law as providing an adequate level of protection for such data transfers.

9. YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU

9.1. You have certain rights in respect of the information that we hold about you, including:

9.1.1. the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Policy;

9.1.2. the right to ask us not to process your personal data for marketing purposes;

9.1.3. the right to request access to the information that we hold about you;

9.1.4. in certain circumstances, the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format;

9.1.5. the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;

9.1.6. the right to withdraw your consent for our use of your information in reliance of your consent (refer to paragraph 4 to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy policy;

9.1.7. the right to object to our using your information on the basis of our legitimate interests (refer to paragraph 4 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;

9.1.8. in certain circumstances, the right to ask us to limit or stop processing information about you, or erase information we hold about you; and

9.1.9. the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/), as well as with the relevant authority in your country of work or residence.

9.2. Please note that we may need to retain certain information for our own record-keeping and research purposes.

How to exercise your rights:

9.3. You may exercise your rights above by contacting us using the details in section 2 of this Privacy Notice, or by updating your preferences with us.

9.4. You may contact us via the details at the top of this Privacy Notice if you wish to action any of these additional rights and we will comply with your requests unless we have a lawful reason not to do so.

What we need from you to process your requests:

9.5. We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

9.6. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

If you cannot or will not provide use with your personal information:

9.7. Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

10. THIRD-PARTY LINKS

10.1. The website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

10.2. We have no responsibility for the contents of the linked websites and their inclusion does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, we take no responsibility for, and will not be liable for the website being temporarily unavailable due to technical issues beyond our control.

11. CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES

11.1. We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.

11.2. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your profile account information or contacting us via the contact details at the top of this Privacy Notice.

This Privacy Notice was updated on 9th May 2024.