Privacy Policy

Welcome to Superstruct Entertainment Limited’s Privacy Notice

We consider the protection of your privacy to be extremely important. We are bound by and use your personal data in accordance with the Data Protection Act 2018 (the “DPA”) andthe General Data Protection Regulation 2016/679 of April 27th 2016 (the “GDPR”).

We want to inform you as much as possible, respect you and give you control over what happens to your personal data and what you share with us.

Our Privacy Notice is designed to make you aware of what data we are collecting and how we collect it.

Please take time to read through our Privacy and Cookies Notice (https://www.superstruct.com/cookie-policy) to understand your rights.

For any additional information on the protection of personal data, please visit the website of the Personal Data Authority:  https://ico.org.uk/

1.1 About us - Our contact details

Name: Superstruct Entertainment Limited

Address: 7th Floor, 364-366 Kensington High Street, London, England, W14 8NS

Data Protection Officer e-mail: privacy@superstruct.com

1.2 What personal data do we collect and how?

Personal data shall mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to physical, physiological, genetic, mental, economic, cultural or social identity.

We currently collect and process the following information:

  • Personal identifiers and contact details (for example, name and contact details, address, age / date of birth)
  • Cookies
  • Other personal data you may disclose to us when you use our website or services at any time

1.3 How do we collect your personal data?

We will collect your personal data directly from you when you:

  • contact us to know about our services;
  • send an email, phone or online request to our marketing or partnerships team;
  • agree to use our services; and
  • visit our websites (see more in our Cookie Notice https://www.superstruct.com/cookie-policy).

1.4 Other information we collect about you and information we receive from third-party sources

We also receive personal data indirectly, from the following sources:

  • From businesses within our Group to conduct research and analysis to help improve their services to you.

2.1 What do we use your data for?

  • Service and Operational Purposes:
  • to provide you with the service you have requested from us;
  • to improve and update our website and to make sure that content from our website is presented to you in the most effective and optimal manner (please view the specific Cookie Notice https://www.superstruct.com/cookie-policy for more information).
  • Legal Purposes: We may use your information to enable us to enforce our legal rights, and/or to protect the rights, property or safety of our employees and/or other third parties.

2.2 Legal grounds for processing your personal data

We will only use your personal data when the law allows us to. Under the DPA 2018 and the GDPR the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time by contacting us at privacy@superstruct.com;

(b) We have a contractual obligation (i.e. to provide you with the services you would like to contract us to perform);

(c) We have a legal obligation (i.e. to detect fraud, or tax purposes);

(e) We need it to perform a public task;

(f) We have a legitimate interest (i.e. for direct marketing or improving our services) and your interests and fundamental rights do not override those interests.

  1. Who will your data be shared with?

We may share your data with affiliated companies within our group (our “Group”) (in accordance with data sharing agreements in place with those entities) for service and operational purposes. We may also share this information with any third parties and governmental institutions to comply with our legal obligations and enforce our legal rights (i.e. tax obligations).

  • Any third parties and governmental institutions to comply with our legal obligations and enforce our legal rights (i.e. tax obligations).

Before sharing any of your personal data with external providers, we require our providers to sign an agreement confirming that your data will be kept secure and, where possible, place them under the obligation to act in the capacity of data processor. This means that we determine the purpose for which and the manner in which your data is to be processed and the data processor is only allowed to handle your data according to the instructions and security standards that we follow.

We do not sell your Personal Data or your Sensitive Personal Data, nor do we share it with third parties for cross-context behavioural advertising.

  1. How do we protect your personal data?

We take all reasonable and appropriate technical and organisational measures to protect the security of your personal data throughout the course of our business. Technical safeguards are for example restrictive access, encryption, antivirus software, regular testing and evaluation.

In case we transfer your information to a country which is outside the UK or the EEA we have put in place contractual agreements or other measures with any recipients of your information to ensure your personal data will be equally protected.

  1. How long will we keep your personal data for?

Your information is securely stored on Mandrill.

We keep the information we collect only for as long this is necessary for the purpose we collected it. We will then dispose of your information by removing all files and back-ups from all personal computers, one drive and hard drive. Our retention periods are being determined as per the legal requirements.

  1. How do we approach to children’s privacy?

Our website is designed and intended for adults. We understand the importance of taking extra precautions to protect the privacy and safety of children.

If you learn that a child has, in violation of this Privacy Notice, registered for email newsletters, or otherwise provided their Personal Data, please report it to us using the contact information provided at the bottom of this Privacy Notice. If we become aware that an underage user has provided Personal Data without parental permission, we will delete all Personal Data provided by that user to the extent feasible and as soon as practicable.

  1. What are your rights?

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you before you can complain at the relevant Supervisory Authority.

Under data protection law, you can exercise the following rights:

Your right to withdraw consent- You can withdraw your consent at any given time by contacting us at privacy@superstruct.com.

Your right of access - You have the right to ask us for copies of your personal data.

Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances i.e. if your personal data are no longer necessary for the purpose they were collected for or if you withdraw your consent.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances i.e. if you think that the information we process is inaccurate or unlawful.

Your right to object to processing - You have the right to object to the processing of your personal data only if we process the relevant information on legitimate or public interest grounds.

Your right to data portability - You have the right to ask that we transfer the personal data you directly gave us to another organisation, or to you, if we process the relevant information on consent or contract grounds.

Your right to lodge a complaint – You have the right to lodge a complaint to the supervisory authority if our response doesn’t satisfy your request.

Your right to not be subjected to a decision based solely on automated processing - You have the right to ask not to be subjected to a decision based solely on automated processing which produces legal effects concerning you or significantly affects you in a similar way, if the legal requirements are not met.

Without prejudice to any other remedies, you also have the right to lodge a complaint with a supervisory authority at any time. If you are based in or the issue you would like to complain about took place in the UK, please refer to the UK Information Commissioners Office: https://ico.org.uk/make-a-complaint/

  1. How to contact us

Please contact us at privacy@superstruct.com if you wish to make a request or complain or have any questions on how we use your personal data.

  1. How do we keep this privacy notice up to date?

We may update this Notice periodically and will revise the date at the bottom of this Notice to reflect the date when such update occurred. If we make any material changes in the way we collect, use, and/or share the personal data that you have provided, we will endeavour to provide you with notice before such changes take effect, such as by posting prominent notice on our website.

Continued use of the website constitutes acceptance of the Privacy Notice. We encourage you to periodically review this page for the latest information on our privacy practices.

This notice was last updated on 11/03/2024.