This webpage sets out when and how we use your personal information that you or others provide to us.
Who we are
Rise Films Limited
Rise Television Limited
Rise Comedy Limited
Rise Comedy (Plebs) Limited
Plebs 3 Limited
Plebs 4 Limited
Green Tunnel Limited
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please email us at firstname.lastname@example.org
How we process data
Here at Rise Films we process personal data for 4 main reasons:
1. In relation to contributors on a programme;
2. As employers;
3. In the performance of a supplier contract;
4. If we have permission from the user, or where otherwise allowed by law, to market to them.
Who we share information with:
We will not share your information with any third parties UNLESS
(i) it is necessary in the performance of our contractual obligation to you, or in our legitimate interests to do so;
(ii) they are a third party data processor acting on our instruction.
If we approach you or are in discussions with you about being on a programme we will collect sufficient information to determine your suitability for that programme.
1. On- Screen and off-screen contributors and consultants
If you are a contributor on one of our programmes we will continue to process such information as is necessary for the production and exploitation of that programme. This will include information on your release form and will always comprise contact information, and may include special category data such as health and medical data and criminal offence data.
If you are a consultant on one of our programmes we will process data supplied by you in the interests of developing the programme. This could include third party information such as contact details, for which you are responsible through your choice to share with us.
In addition we may process sufficient data as to remunerate a contributor or consultant, where appropriate.
2. Prospective contributors
As with our on-screen contributors, we may process data as above. If you have not taken part in a particular series or programme we may keep your details and contact you in the future in relation to XXX’s programming and products unless you ask us not to.
Our lawful basis for processing your personal information is set down in the General Data Protection Regulation (GDPR) under Article 6(1):(b) Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
Where we have approached you about being on a programme our lawful basis for processing your personal information is set down in the GDPR under Article 6(1)(f): legitimate interests: the processing is necessary for Rise’s legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.
In relation to the special category data we hold about you we will process this in accordance with Article 9(2)(a) of the GDPR, i.e. because we have your explicit consent to the processing of such data.
In certain circumstances we may hold information about your criminal convictions or offences. If this is the case we will process this data in accordance with Article 10 of the GDPR (and/or any subsequent legislation contained in the Data Protection Act). We do not keep a comprehensive register of our contributors’ criminal convictions.
From time to time we may make TV programmes with child contributors. We will process the data of the child contributor as it is in our legitimate interests to do so (under Article 6(1)(f)). Where a parent or guardian has signed our mutually agreed contract it will be necessary to process their data alongside this (as above). We will not send marketing information to our child contributors but to their parent or guardian.
With whom we share your data
From time to time we may share your data (including your special category and criminal offence data) with broadcasters and our insurers. When we do this they also control how your data is processed. Please see how we secure this information in the section below.
Where we store your personal data
The majority of our contributor data is stored on a centralised cloud computing system controlled by Rise and processed through Google’s G-Suite. While Rise, the data controller, is within the EU, Google is not. However, Google complies with the EU-US Privacy Shield framework which offers the same level of protection as in the EU under GDPR. For more information on this, please visit: https://policies.google.com/privacy/frameworks
Certain members of staff have access to this cloud computing system to enable them to act on your behalf. Where there is special category data or information relating to criminal convictions this will be kept by one of the production team in a secure place where access is restricted.
Employees and Freelancers
Rise is the data controller for the information you provide during the employment and application process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us.
What will we do with the information you provide to us?
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to process your application. We will use the other information you provide to assess your suitability for the role you have applied for.
As a media organisation we frequently receive speculative applications. When these are received, if there is no suitable vacancy at that time we keep them on our system for 36 months.
What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.
The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.
We ask you to send us a current CV and a covering letter which will include your personal details including name and contact details, as well as your previous experience, education, referees and any other information relevant to the role you have applied for.
The relevant head of department will shortlist applications for interview. They will receive all information supplied at that time.
You may be required to provide:
· Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
· Proof of your qualifications – you may be asked to attend our office with original documents, we will take copies.
· You may be asked to complete a criminal records declaration to declare any unspent convictions.
· We may contact your referees, using the details you provide in your application, directly to obtain references.
· We may ask you to complete a questionnaire about your health. This is to establish your fitness to work as well as for your well-being whilst on our premises.
· If we make a final offer, we will also ask you for the following:
· Bank details – to process salary payments.
· Emergency contact details – so we know who to contact in case you have an emergency at work.
· Information for your inclusion in our pension scheme. We use a data processor for this scheme.
If you are unsuccessful following assessment for the position you have applied for, we may retain your details in our talent pool for a period of 36 months unless you request that we delete your details. If you are in our talent pool we would then proactively contact you should any further suitable vacancies arise.
The nature of Rise’s business means that we necessarily employ freelance specialists on a contract basis. We process the engagement information supplied for the performance of that contract in the same secure way as we do for our permanent staff. We retain their data for the duration of that contract and for such period thereafter as is necessary in line with our retention policy.
We will process this data because the processing is necessary for the performance of our mutually agreed contract.
In relation to the special category data we hold about you we will process this in accordance with Article 9(2)(b) of the GDPR, i.e. that the processing is necessary for the purposes of carrying out the obligations and exercising specific rights of Rise or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject.
Where employment and freelance information is kept
HR data is kept securely in electronic and hard copy files, and accessed only by members of the senior management team.
How long is the information retained for?
If you are successful, the information you provide during the application process will be retained by us as part of your file for the duration of your employment/engagement plus 6 years following the end of your employment /engagement. This includes your criminal records declaration, fitness to work, records of any security checks, and references.
Information generated throughout the assessment process, for example interview notes, is retained by us for 6 months following the closure of the advertising campaign for the applicable role.
Use of data processors
Data processors are third parties who necessarily provide elements of our internal practices. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Use of other third parties
Some third parties with whom we share your data are data controllers in their own right in which case they will have their own retention periods.
We have contracts with all third parties to ensure the security of your data that we share with them.
If our business is sold
We will transfer your personal information to a third party:
· if we sell or buy any business or assets, we will provide your personal information to the seller or buyer (but only to the extent we need to, and always in accordance with data protection legislation); or
· if Rise or the majority of its assets are acquired by somebody else, in which case the personal information held by Rise will be transferred to the buyer.
We process your personal information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your personal information in this way, the relevant buyer of our business may not be able to provide services to you.
In some circumstances we may also need to share your personal information if we are under a duty to disclose or share it to comply with a legal obligation.
Visitors to our website
We use a third party processor to administer our website. Further information about how they use your information can be found at: https://www.squarespace.com/dpa/
What are cookies?
Cookies are small pieces of data that websites store on a device. Cookies can improve your browsing experience because they help websites remember preferences and understand how people use different features.
Functional and Required Cookies
We use some necessary cookies because they allow visitors to navigate and use key features on our site. These cookies vary from site to site depending on the features it uses. Below is a list of the functional and required cookies used by Squarespace.
Crumb (duration: session)
Prevents cross-site request forgery (CSRF). CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in.
RecentRedirect (duration: 30 minutes)
Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO.
squarespace-popup-overlay (duration: persistent)
Prevents the Promotional Pop-Up from displaying if a visitor dismisses it
squarespace-announcement-bar (duration: persistent)
Prevents the Announcement Bar from displaying if a visitor dismisses it
Test (duration: session)
Investigates if the browser supports cookies and prevents errors.
Analytics and Performance Cookies
We do not use Analytics and Performance cookies to collect information on your behalf about how visitors interact with our site.
You can block any remaining cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
Except for essential cookies, all cookies will expire after 2 years.
There may be other individuals with whom we do business and for whom we hold personal data, such as those who work for supplier companies. We process this information in accordance with our contracts with those organisations.
What about websites we link to?
Our site connects you to different websites. If you follow a link to any of these websites or use their services, please note that you have left our site and these websites have their own privacy policies.
We do not accept any responsibility or liability for these policies or websites. Please check their policies before you submit any personal information to these websites.
Updating your personal information
You can update your personal information at any time, and change your marketing preferences. To do this please email us at email@example.com
Under current UK data protection legislation, you have rights as an individual which you can exercise in relation to the information we hold about you.
Individuals have the right to see the personal data held by Rise (a subject access request). Once the person requesting the information has been identified the request will be carried out within one calendar month in a clear and easy to read way. There are numerous and various exemptions to this right and each request will be dealt with on a case by case basis.
Individuals have the right to have their data rectified where it is incorrect or out of date. Where a request for data rectification is made it will be dealt with in a similar way to a subject access request (SAR), i.e. within a strict time frame.
You also have the rights to (i) erasure and (ii) restriction and you can request that we remove your data or restrict the processing of it.
Your right to object to the processing of your data is an absolute right which will be dealt with immediately unless there are compelling grounds for us to continue the processing where appropriate.
You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/