The General Data Protection Regulation (GDPR) takes effect from 25 May 2018.
GDPR is a standardised user data protection framework which operates across Europe and imposes obligations on organizations that handle the personal data of people in the European Economic Area.
It also explains how we store and handle data.
We are Howling Moon PR, a public relations and social media agency:
Address: 30A Orsett Terrace, London, W2 6AJ
Howling Moon PR undertakes press and pubic relations on behalf of our clients and where any data is stored, it is only used for legitimate business interests and this is our lawful basis for processing personal data.
For example, if you are a journalist, blogger/social media influencer or stylist we may have your email address in order to send you news about a topic you may be interested in. If you have supplied your phone number, we may also hold this for the purposes of contacting you in relation to any topics we are working on together or to advise you of news stories, product information, press events and other media related communications.
We may also hold your address if we have requested this so that we send something such as product samples, printed brochures and press packs that cannot be sent digitally.
We may also hold the name, address, emails and, if relevant, telephone numbers of consumers who have entered competitions arranged on behalf of clients. These are removed once the competition has been completed.
Recital 47 of the GDPR allows for the processing of personal information for our legitimate business interests in terms of press communications. “Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to offer you the best services and information.
For example, we have an interest in making sure our communications are relevant for you, so we may process your information to send you communications that are tailored to your interests and relevant to your media audience. We believe this processing is also in your interest.
We may hold some personal details of press, stylists, bloggers and influencers on our database for any of the following purposes:
When we process your personal information based on legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you. Will not share your Personal Data with any 3rd parties.
If you wish to update your preferences or do not wish to receive any further information from Howling Moon PR you can do so directly from our mailings or email email@example.com and we will remove you from our database.
We subscribe to media contacts databases who collect and process journalist and PR data for their legitimate interest in providing services which help journalists and PRs work with each other. The information we retrieve is publication, journalist name, department, e-mail address and area of editorial interest.
The data held if you are a journalist, blogger or competition winner may include: Publication/company name if applicable, first name, last name, publication/media type, job title, email address, mailing address, product interest, in some cases phone numbers. These are sourced from our long term media lists which we have built up over the years, from public domain information, industry directories we subscribe to or where in the past you have given us this information or have requested information from us.
If you would like to know if we hold any personal data about you and if so exactly what, or if you do not wish us to hold information, please contact us by emailing firstname.lastname@example.org.
We maintain technical and physical safeguards which are designed to protect the security and integrity of your personal data, and to guard it against accidental or unauthorised access, use, alteration or disclosure to unauthorised third parties including device encryption, firewalls and virus checking.
Where we keep personal data files on local devices, these devices are protected and accessible only to authorised users.