PRIVACY POLICY

Burning Bright Productions Limited (“Burning Bright”) is committed to protecting your privacy and honouring the integrity of your personal information. When we talk about personal data in this Privacy Policy, we mean personal information which identifies you or which could be used to identify you, such as your name and contact details.

This Privacy Policy sets out how and why we use any personal data you provide to us, and how you can control what we do with your information. 

 

1. Who is responsible for your personal data?

Burning Bright is responsible for your data, we control the data which we collect from you, and as such are registered as a data controller in the United Kingdom as required by law.

 

2. Obtaining your personal data

Depending on why you have come into contact with us, we might collect the following kinds of information about you: 

Job applications: For jobs on our productions, you can click through to register your CV (and availability) on online talent database run by Talent Manager; or for office jobs, you are invited to submit your CV to us directly. 

Appearing in our productions: If you apply to, or are featured in one of our shows, it will be necessary for us to be provided with your name, contact details and possibly other personal information relevant to the particular show (e.g. a photograph). If you are being paid for appearing in one of our programmes, it will be necessary for us to have your bank details. If you have been in a public place and observed a “Filming Notice” for the recording of one of our shows, we may have film of you in the background of the public place.

 

3. Sensitive personal data

Certain types of personal data, such as data about your physical or mental health, your racial origin, religious beliefs or any conviction of criminal offences, are deemed “sensitive personal data” - special categories of personal data which by law require additional protection. We will only collect sensitive personal data when it is absolutely necessary, for example, for a programme we may be making on sensitive subject matters (e.g. prisons or mental health). Often it is necessary for us to make background checks on any criminal convictions you may have to ensure a safe working environment for our contributors and crew. 

We will never collect sensitive personal data about you without your knowledge and consent. By providing any sensitive personal data, you explicitly agree that we may collect it and use it for the purposes which we have explained to you at the time.

 

4. Using your personal data

We can only use your personal data if we have a lawful reason for doing so. Under data protection law, we can only use your personal information for one or more of the following reasons:

  1. When you consent to us using your data;
  2. To fulfil a contract we have with you;
  3. If we have a legal obligation to use your data for a specific reason;
  4. When it is in our legitimate interests to do so.

Legitimate interests are our business reasons for using your data, but if we do use your personal data for our legitimate interests, we will not unlawfully put our interests above yours.

It is likely that we will have more than one lawful basis for using your personal information for a particular purpose. For example: 

 

6. How long will we keep your personal information?

We keep your personal data only for as long as we need it. How long this is depends on what we are using it for, whether that is for our own legitimate interests (examples given above), or so that we can comply with the law. We will actively review the information we hold and when there is no longer legal or business need for us to hold it, we will delete it securely.

 

7. How we protect your personal data

We use technical measures (such as encryption and password protection) to protect our systems and safeguard your personal data. We also use operational measures to protect the data, for example by limiting access to personal data to those persons in the Company on a strictly “need-to-know” basis only.

We are committed to keep these security measures under review to ensure we keep up to date with current best practice.

 

8. Sharing your personal data

In the business of making and selling content for television and radio it is necessary to share your personal data to limited categories of third parties, such as broadcasters, third party licensees of our content, or suppliers working on our shows. We will not share your personal information with any third parties without your consent (unless law or any court order requires us to do so).  If we seek to use your data in a manner different to the purpose for which it was collected, then we will ask for your consent prior to such use.

We promise never to sell your personal data to a third party. 

 

9. Cookies

 

We do not use cookies.

 

10. Sending data outside of the European Economic Area

We will only send data outside of the EEA if we are producing content in a country outside the EEA to which your personal data relates; or, we have licensed a programme in which your personal data appears; or, to comply with a legal duty. 

If we do transfer data outside the EEA, we will make sure that it is protected in the same way as if it were being used in the EEA either by transferring the data to a country outside the EEA which has privacy laws at least as protective as those within the EEA; or, contracting the recipient of the data to protect the data to the same standards as required within the EEA.

 

11. Your Rights

You are entitled to copies of your personal data held by us and to request that we correct or delete such data. You can also restrict or object to the processing of your information. 

If you gave us your consent to use your personal data, e.g. so that we can contact you about appearing in a programme, you can withdraw your consent. Please note that even if you withdraw your consent, we can still rely on the consent you gave as the lawful basis for processing your data before you withdrew your consent.

You can also object to our use of your personal data where we rely on our legitimate interests to do so. 

When you get in touch, we will respond without undue delay and within one month. We may also ask you to verify your identity before we provide any information to you.

The information provided to you will be in a commonly used and easily readable format. There is no charge for most requests, but if you ask us to undertake an excessive task to identify your personal data we may ask you to pay a reasonable admin fee, taking into account the administrative costs of providing the information. 

To exercise any of your rights, you can send an email to us at or you can write to us at Chief Privacy Officer, 12-14 Whitfield Street, London, W1T 2RF.