Protection of personal data
Our email distribution and advertising services mean that from time to time we may provide you with personal data that we hold. We will only do so with the consent of data subjects and to organisations that enter into a Data Processing Agreement with us. The agreement is set out below.
Data Processing Agreement
This agreement is between Twenty Four Digital Media Ltd, a company incorporated in the UK (company number 10461070 – registered address is 117 Dartford Road, Dartford, Kent, DA1 3EN)
advertisers who book advertising with Twenty Four Digital Media Ltd and confirm acceptance of this agreement at the time of booking (as per the details of identity and acceptance included on the booking form).
As an advertiser you accept that for the purposes of the EU’s General Data Protection Regulation 2016/679 (‘GDPR’) and any other current and subsequent laws applicable in the UK relating to the processing of personal data, that you process any personal data we pass you (‘the data’) on our behalf.
You agree that in processing this data you will:
- Comply will all applicable EU and UK data processing laws;
- Use the data only for the purposes for which it has been provided and to which the data subject has agreed.
- Limit access to the data within your organisation to those personnel to whom access is necessary to process the data for the purposes for which it has been provided.
- Protect the data with appropriate technical and organisational measures so as to prevent unauthorised access or use, and so as to prevent loss, damage, corruption, or destruction.
- Notify us immediately in writing of any breach or suspected breach of security which has, or may have, allowed unauthorised access or loss damage, corruption or destruction of the data.
- Retain the data for only as long as is necessary to fulfil the purpose or purposes for which it has been provided.
- Regarding the data, answer all reasonable requests from data subjects – whether made by data subjects directly to your organisation or via ourselves – about the data you hold about them and, if requested by a data subject:
to allow him or her access to such data;
to rectify any inaccuracies he or she identifies within the data;
to delete the data.
- Not to transfer the data outside the EU unless you have ensured that appropriate data protection safeguards are in place, that the enforceable rights of data subjects regarding their data are not thereby compromised, and you have otherwise complied with GDPR requirements with regard to such transfers.
- You will maintain complete and accurate records and information that enable you to demonstrate your compliance with GDPR regulations and other data processing and protection laws in force in the UK.
This agreement shall be governed by and construed in accordance with the law of England and the parties hereby submit to the exclusive jurisdiction of the English courts.