Data & Privacy

Back to top

Our Privacy Policy 

1. Introduction 

Welcome to our privacy policy.   

 

Purpose of this Privacy Policy  

This privacy policy explains how we, Creative UK Holdings Limited and our group companies Creative England Ltd and Creative Industries Federation Ltd (“our group”, “us”, “our”, or “we”), collects and processes any personal data about you when you visit our websites, including any data you may provide through this website when you opt in to receive our newsletters. Our websites are and this privacy policy relates to: 

 

  • Wearecreative.uk    
  • Launch.wearecreative.uk 
  • meet.wearecreative.uk 
  • launch.wearecreative.uk 
  • meet.wearecreative.uk 
  • elevate.wearecreative.uk 
  • student.wearecreative.uk 
  • federation.wearecreative.uk 
  • report.wearecreative.uk 
  • creativeenterprise.wearecreative.uk 
  • virtualfestival.wearecreative.uk 
  • summit.wearecreative.uk 
  • manifesto.wearecreative.uk 
  • conference.wearecreative.uk 
  • rsvp.wearecreative.uk 
  • climate.wearecreative.uk 
  • fie.wearecreative.uk 
  • investment.wearecreative.uk 
  • diversity.wearecreative.uk 
  • unleash.wearecreative.uk 
  • freelance.wearecreative.uk 
  • portal.wearecreative.uk 
  • femalefounders.wearecreative.uk 
  • northeast.wearecreative.uk 
  • filminginengland.co.uk 

 

References to “our websites” in this policy are to the above sites.  

 

Our websites are not intended for children and we do not knowingly collect personal data relating to children.  

 

This privacy policy should be read together with any other privacy policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.  This privacy policy supplements other notices and privacy policies and is not intended to override them.  

 

Your personal data will be processed in compliance with the UK GDPR (meaning the General Data Protection Regulation (EU) 2016/679 as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 ) and the Data Protection Act 2018 (the “Data Protection Legislation”).  

    

Controllers  

We are a controller of the personal data processed in connection with the websites for the purposes of the Data Protection Legislation.    

Our details are:  

Name  Company registration number in England and Wales  Registered Office Address  Controller Registration Details at the Data Protection Public Register  
Creative UK Holdings Limited  12105400  Tomorrow Building, 130 Broadway, Suite 7, 2nd Floor, MediaCityUK, Salford, M50 2AB  ZB293315 
Creative England Ltd  07432947  Tomorrow Building, 130 Broadway, Suite 7, 2nd Floor, MediaCityUK, Salford, M50 2AB  Z2832508 
Creative Industries Federation Ltd  08793599  Tomorrow Building, 130 Broadway, Suite 7, 2nd Floor, MediaCityUK, Salford, M50 2AB  ZB293315 
Creative Growth Finance Limited  12033250  Tomorrow Building, 130 Broadway, Suite 7, 2nd Floor, MediaCityUK, Salford, M50 2AB  ZA569410 
Creative UK Investments Ltd  09216540  Tomorrow Building, 130 Broadway, Suite 7, 2nd Floor, MediaCityUK, Salford, M50 2AB  ZA546336 

 

If you have any questions regarding the controller(s) of your personal data, please contact us using the details in section 9 of this policy.  

 

In this privacy policy, “personal data” means any information about an individual from which that person can be identified, such as your name and contact details. It does not include data from which it is not possible to identify the individual to which it relates (anonymous data). 

 

2. Policy Changes 

 

We keep our policy under regular review.  We may update or change this policy or parts of it to maintain our compliance with the Data Protection Legislation or following an update to our internal practices.  You will not necessarily be directly notified of such a change.  Therefore, please ensure that you regularly check this policy when you use our products and services to ensure that you are fully aware of any changes or updates.  

 

 

3. The Personal Data We Collect and How We Collect It 

 

We collect various personal data from you in order to process it for a number of different purposes, including to enable us to manage our operations, to provide goods and services to you, for our legitimate interests or to comply with our statutory obligations. 

We usually collect personal data from the information you submit during the course of your relationship with us. We use different methods to collect data from and about you, including through: 

 

Direct Interactions: 

You may give us your identity, contact and financial data by filling in forms or by communicating with us by post, phone, email, social media or otherwise.   This includes when you: 

 

  • Apply for or join any of our memberships 
  • Apply and participate in one of our programmes 
  • Buy tickets or register for our events 
  • Register to receive our newsletters or other marketing information  
  • Complete surveys  
  • Update personal details on the customers’ portal 
  • Update personal details on the Creative UK Portal 
  • Provide feedback or request details about our services or member offers or otherwise contact us 

 

  Your computer: 

When you visit our websites, we may also collect information about your computer, including your IP address, operating system and browser type. This is for the purpose of system administration and to report aggregate information to our partners  (we only share statistical data about our users’ browsing actions and patterns on an aggregated and anonymised basis and we do not identify any individual). 

 

We may obtain information about your general internet usage by using a cookie file. Cookies are small text files sent to your device (computer, tablet or mobile phone) by the website you are using. These are stored on your hard drive and can be retrieved by the original website on your next visit, or another website that recognises the cookie. Using cookies helps us to improve our site and deliver a better and more personalised service. 

They enable us: 

  • To estimate our audience size and usage pattern 
  • To recognise you when you return to our site 
  • To store information about your preferences, and so allow us to customise our site according to your individual interests 
  • To speed up your searches 

 

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting, you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site. Further information about controlling and deleting cookies can be found at www.AboutCookies.org  

 

We collect personal data to: 

  • Process and manage requests and memberships 
  • Process and manage requests our programmes 
  • Manage our events and to provide you with tickets and other information concerning events you may buy tickets for or register to attend  
  • Provide special membership offers and benefits 
  • Send news updates and information about our events, offers, policy work, programmes and membership (we will only send you updates if you have opted in to receiving such communications) 
  • Process and manage our members’ directory 
  • Share attendee lists for our events where required for security and compliance, e.g. to ensure that only our members attend if it is a “members-only” event  
  • Personalise repeat visits to the website 
  • Create targeted marketing campaigns (you will not receive marketing information by email unless you have opted in) 
  • Improve our Diversity and Inclusion practices or to comply with our funders/ partners’ terms to monitor equality and diversity (we only process special category data, however, with your consent, which you do not have to provide)   
  • Communicate with you and monitor and improve our communications 
  • Process expressions of interest and full applications for investment by Creative UK or our group.  
  • Provide updates regarding website or service changes which may affect you 
  • Enable participation in interactive features of our service 
  • Detect and prevent fraud 
  • Improve our services 
  • Comply with our obligations arising from any contracts entered into between you and us or to take steps in relation to any such contract before entering into it. 
  • Comply with our statutory or other legal obligations  

 

If you give us personal data about other individuals, you confirm by giving us such personal data that the third party has given consent for you to transfer their personal data to us or that you have another lawful basis in accordance with the Data Protection Legislation to send it to us. 

 

If you fail to provide personal data when we request it, we may not be able to provide you with our services. We need to process personal data in order to provide personal data for the majority of our services, and in some circumstances, we have an obligation to process certain personal data e.g. pursuant to our funding and partner agreements. If you choose not to provide that information, we may not be able to engage you as an Individual/ Service User e.g. if eligibility criteria for investment and/or regional programmes is not provided or met.   

 

Categories of personal data that we collect: 

 

  • Full name 
  • Email address 
  • Landline or mobile number 
  • Mailing or billing address 
  • Any personal data you send via email, or website contact form 
  • Details of transactions you carry out fulfilment of your orders 
  • Organisation name and sector 
  • Occupation and employment status  
  • Age group  
  • Titles 
  • Profile pictures and/or images taken at company events  
  • Social media handles 
  • Newsletter opening rates and click-throughs 
  • Personal Assistant details (name, email, landline) 
  • Any personal data provided in testimonials, where you provide us with such a testimonial. 
  • Payment details (limited to BACS information only)  
  • Forms and survey responses 
  • Purchase history 
  • User login name 

 

Special category data 

 

Subject to the reason why you are contacting us e.g., investment application, membership application, event attendance, newsletter subscription, production enquiry, website registration, competition entry, we may request additional personal data which falls under the category of “special category data” for the purposes of the Data Protection Legislation. We do not process special category data unless you give your consent for us to do so.  Our contracts with our partners require us to monitor certain information which falls within this category.  However, if any special category data is shared with our partners, we always do so on an anonymised basis.   

 

If we do need to request special category data, you will be informed why and how we intend to use it, and we will only process special category data which you provide your explicit consent that we may process. Normally, special category data is required for monitoring purposes when checking eligibility criteria for applications. You will be asked to provide clear consent for us to process. This will include: 

 

  • Nationality 
  • Ethnic background 
  • Disabilities 
  • Sexual orientation 
  • Your pronouns 

 

Direct Marketing 

 

We may contact you with information regarding our membership, events, policy work and offers, via email, post or phone, but only if such communications are in compliance with the Privacy and Electronic Communications Regulations 2003 and other applicable data protection laws.  If you are an individual, we will not do this unless you have “opted in” to receiving marketing communications.   

 

You have a right at any time to stop us from contacting you for marketing purposes, by opting out of emails (via link at the bottom of our emails), adjusting your preferences on the portal, or by contacting us at the details below. 

 

4. Our Lawful Bases for Processing Personal Data 

 

We will only process personal data where the law allows us to.   

 

The lawful bases for processing data under the Data Protection Legislation are set out below. At least one of these will apply whenever we process your personal data:  

Consent: You have given us explicit consent to process your personal data for a specific purpose.  For example, Clearcast Creative UK may need your contact, identity, technical and/or usage information to respond to a question you have asked us via the Website. 

 

Performance of a Contract: the processing is necessary for a contract we have with you or because you have asked us to take specific steps before entering into a contract. 

 

Legal obligation: the processing is necessary for us to comply with the law (not including
contractual obligations).  

 

Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests. For example, we will use your identity, contact and website usage information to keep our records up to date and send you communications and updates in respect of the website which we consider to be important. 

We run all the required tests before opting to process personal data based on this ground.  

 

5. Who Do We Share Your Personal Data With?  

 

We work with a number of trusted and contracted third parties in order to be able to provide our services to you. These third parties include (but are not limited to) those who provide services to us with venues for events and business systems providers such as payment processing providers.    

 

We do not rent, trade or sell your personal data to third parties. We do not purchase personal data from or sell it to third parties. 

 

We may transfer your personal data in the ways set out in this privacy policy and, in particular, to the following third parties: 

  • Any person to whom you request us to transfer your data; 
  • Any group company of ours; 
  • Suppliers and service providers (including information technology providers, such as website and mailing list hosts, marketing service providers, booking and reservation systems, and payment processing companies). In particular, we use companies providing services for money laundering checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such information is shared; 
  • Any third party to whom we assign or novate any of our rights or obligations; 
  • Any potential or actual buyers of, investors into or lenders to our business or any of our assets, or any of the advisors or representatives of the above; 
  • Our auditors and professional advisers (bankers, lawyers, accountants and insurers); and 
  • When we believe it is necessary to comply with the law, regulation or legal request (including a court order or police or government inquiry);  
  • To enforce or apply our terms and conditions of supply or other agreements; and / or 
  • In the context of a company reorganization or restructuring exercise, to protect our rights, property or safety, or those of our personnel, our guests or others. 

 

In particular, we use the following third party services providers (and links to their privacy notices are below): 

Microsoft (Washington, US) 

Stripe, Inc. (California, US) 

GoCardless Ltd. (London, UK) 

SurveyMonkey (California, US) 

Slack Technologies (California, US) 

Hubspot (Boston, US) 

Xledger (Bristol, UK) 

Eventbrite Services (San Francisco, US)
Hootsuite (Vancouver, Canada)
Dropbox International Unlimited Company (Dublin, Ireland) 

MovieSite (OpenBrolly) (Edinburgh, UK) 

Google (California, US) 

Meta Platforms, Inc. (Massachusetts, US) 

Mailchimp (Georgia, US) 

Xero Limited (Australia) 

Hopin (London, UK)  

ReelScout (North Carolina, US) 

JotForm (California, US) 

 

Some of our external service providers are based outside the UK so their processing of your personal data will involve a transfer of data outside the UK (and where such data is transferred it may be accessed in or stored in those countries). Whenever we transfer your personal data out of the UK, we shall do so in accordance with Data Protection Legislation, which may be by the use of specific personal data export clauses in the form of contracts approved by the UK’s Information Commissioner. 

 

6. Data Security, Storage and Retention 

 

Data Security  

 

The security of your personal data is as important to us as it is to you. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. 

 

We have implemented appropriate technical and organisational security measures commensurate to the risks involved to protect your personal data from being lost, used or accessed in an unauthorised way, altered or disclosed. Access to your personal data is limited to those who have a business need to know it and who have a duty of confidentiality with Creative UK. 

 

We have processes in place to manage any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so. 

 

Data Retention 

 

We will only retain data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any financial, legal and/or reporting requirements. We will not hoard bulk personal data, and it will the minimum necessary to fulfil our functions and plans. 

 

A copy of our Retention Policy can be provided on request. 

 

 

 

 

7. Your Rights In Respect of Your Personal Data 

 

By law, in certain circumstances, you have the right to: 

 

Request access to your personal data. This is commonly known as a subject access request and enables you to receive a copy of the personal data we hold about you. 

 

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. 

 

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). 

 

Object to certain types of processing of your personal data, such as processing
for direct marketing purposes. 

 

Request the restriction of processing of your personal data in certain circumstances. 

 

Request the transfer of your personal data to another party. 

 

Request the reconsideration of an automated decision. This enables you to ask us to reconsider a decision that may have been made solely by automated means. 

 

If you want to exercise any of the above rights please contact us using our details below. You also have the right to submit a complaint to the ICO, as set out in section 10 of this notice.  

 

We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal data, and for any additional copies of the personal data you request from us. 

 

You may be required to provide us with proof of identity when exercising these rights. This is an appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  

 

8. Third Party Links 

 

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit. 

 

9. Contacting Us 

 

If you have any requests regarding your personal data processed by us or this policy please contact Caroline Hinds, Director of People & Operations caroline.hinds@wearecreative.uk. 

 

10. Complaints 

 

If you have any concerns over how we use your data, please contact us in the first instance at info@wearecreative.uk and we hope that we can resolve your concerns.  

 

You have the right to complain to the Information Commissioners Office (ICO), please visit www.ico.gov.uk for full guidance and contact.  We would, however, be grateful if you would contact us in the first instance so we can endeavour to deal with your concerns direct.