This privacy notice (Privacy Notice) sets out the ways in which we, Micheline Steinberg Associates (we, us, our), collect and use your personal data (your personal information) in connection with our business. It also explains what rights you have to access or change your personal data.
2. Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13 . If you are under the age of 13, please do not access our website at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 13 .
Information that you provide to us.
1. We will collect any information that you provide to us when you:
1. make an enquiry over the phone, by email or on our website;
2. submit manuscripts or other content to us by post or email;
3. enter into a contract with us to represent you;
4. submit an application to a job vacancy;
5. ‘follow’, ‘like’, post to or interact with our social media accounts, including Facebook, LinkedIn, Twitter, Pinterest, Instagram and Google+;
2. The information you provide to us may include (depending on the circumstances):
1. Identity and contact data: title, names, addresses, email addresses and phone numbers;
2. Employment and background data: If you are submitting a manuscript for review or submission for publication, or a job application, you may also provide additional information about your academic and work history, qualifications, skills, projects and research that you are involved in, references, proof of your entitlement to work in the UK, your national security number, your passport or other identity document details, your current level of remuneration (including benefits), and any other such similar information that you may provide to us; and
3. Financial details: If you are a client, we will want to remit to you the money we collect on your behalf pursuant to our representation of you, so we will ask you for your bank details, VAT number, and details of your accountant if you wish us to send them information as well. If you are an ex-client and we are still receiving money on your behalf, we will retain these details so that we can continue to process payments for you.
2. Information we collect about you:
1. Information contained in correspondence: We will collect any information contained in any correspondence between us. For example, if you contact us using a query button on our website or by email or telephone, we may keep a record of that correspondence;
2. Website usage data: We may collect information about your interactions with the website, including information such as login data, IP address, page views, searches, requests, orders, pre-approvals, confirmations, agreements between you and other website users and other actions on the website]
3. Technical data: We may also collect certain information about how you use our website and the device that you use to access our website, even where you have not created an account or logged in. This might include your geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), the data transmitted by your browser (such as your IP address, date and type of the request, content of the request regarding the specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language settings, time zone settings referral source, length of visit to the website, date and time of the request, operating system and interface) number of page views, the search queries you make on the website and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the COOKIES section below.
1. Information we receive from third parties
1. In certain circumstances, we will receive information about you from third parties. For example:
1. Employers, recruitment agencies and referees: if you are a job applicant we may contact your recruiter, current and former employers and/or referees, who may be based inside or outside the EU, to provide information about you and your application;
2. Third parties who can verify submitted information: if you submit a manuscript to us for our review, we may use third party providers to verify the information that you provide to us in connection with that submission. For example, we will use third-party databases or websites such as Amazon, Waterstones or publishers’ sites to confirm your publication history;
3. Website security: we will collect information from our website security service partners who are based inside OR outside the EU, about any misuse to the website, for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful; and
4. Third parties such as co-agents: if one of our co-agents puts us in touch with each other with a view to working together, they may send us information such as your writing background and contact details. You will normally be consulted by that agent before they send us contact details.
2. We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.
HOW WE USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION
1. We will use your information for the purposes listed below either on the basis of:
1. performance of your contract with us and the provision of our services to you;
2. your consent (where we request it);
3. where we need to comply with a legal or regulatory obligation; or
4. our legitimate interests or those of a third party.
2. We use your information for the following purposes:
1. To provide access to our website: to provide you with access to our website in a manner convenient and optimal and with personalised content relevant to you including sharing your information with our website hosts (1&1 Internet) on the basis of our legitimate interest to ensure our website is presented in an effective and optimal manner;
3. To conduct business with you: to contact you and manage and facilitate our business relationship with you, including the administration of your contract (on the basis of performing our contract with you);
4. User and client support: to deal with enquiries or complaints about the website and share your information with our website developer and/or IT support provider as necessary to provide support (on the basis of our legitimate interest in providing the correct services to our website users and to comply with our legal obligations);
5. Recruitment: to process any job applications you submit to us, whether directly or via an agent or recruiter including sharing this with our third party recruitment agency (on the basis of our legitimate interest to recruit new employees or contractors);
6. Social media interactions: to interact with users on social media platforms including Facebook, LinkedIn, Twitter, Pinterest, Instagram and Google+, for example, responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting our brand and clients, and communicating with interested individuals);
7. Research: to carry out aggregated and anonymised research about general engagement with our website (on the basis of our legitimate interest in providing the right kinds of services to our website users);
8. Fraud and unlawful activity detection: to protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
9. Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
3.3 As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to using your information on the basis of our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:
3.3.1 personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you;
3.3.2 detecting and preventing fraud and operating a safe and lawful business;
3.3.3 improving security and optimisation of our network, sites and services.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in paragraph 8 below.
WHO WE MIGHT SHARE YOUR INFORMATION WITH
1. In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as:
1. Our service providers: third parties we work with to deliver our business (including, for example, hosting or operating the website and our databases and site analytics) (i.e. WordPress, 1&1 Internet);
2. Producers, broadcasters, financiers, sales agents, distributors, lawyers, co-agents (and/or co-managers), and licensees,: if you are an author, any publishers or other licensees of your work (or prospective publishers and licensees) as well as sub- or co-agents and editorial service providers, where applicable.
3. Prospective sellers and buyers of our business: any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and
4. Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
2. We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.
2. If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the website.
HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
1. We operate a policy of “privacy by design” by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures (i.e. Symantec Endpoint Protection) to protect your information against any unauthorised access or unlawful use, such as:
1. ensuring the physical security of our offices, warehouses or other sites;
2. ensuring the physical and digital security of our equipment and devices by using appropriate password protection;
3. maintaining a data protection policy for, and delivering data protection training to, our employees; and
4. limiting access to your personal information to those in our company who need to use it in the course of their work.
2. We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
1. we archive our email and paper correspondence regularly and destroy information older than 6 years;
2. we retain information relating to submissions and website user queries for approximately 3 years; and
3. we destroy unpublished manuscripts and related correspondence after approximately 3 years. However, we may permanently keep a log recording brief details of these in the event of a legal claim.
INTERNATIONAL TRANSFERS OF YOUR INFORMATION
1. Our company is located in the UK.
2. Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
3. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
1. We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries;
2. Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and
3. Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
4. A list of the countries outside of the EEA to which we may transfer your personal information is available here.
5. Please contact us using the contact details at the top of this Privacy Notice if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
1. You have certain rights in respect of the information that we hold about you, including:
2. the right to ask us not to process your personal data for marketing purposes;
3. the right to request access to the information that we hold about you;
4. in certain circumstances, the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format
5. the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
6. the right to withdraw your consent for our use of your information in reliance of your consent (refer to paragraph 4 to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;
7. the right to object to our using your information on the basis of our legitimate interests (refer to paragraph 4 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;
8. in certain circumstances, the right to ask us to limit or stop processing information about you, or erase information we hold about you; and
9. the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/), as well as with the relevant authority in your country of work or residence.
2. Please note that we may need to retain certain information for our own record-keeping and research purposes. We may also need to send you service-related communications relating to your website user account even when you have requested not to receive marketing communications.
How to exercise your rights
1. You may exercise your rights above by contacting us using the details in paragraph 2 of this Privacy Notice, or in the case of preventing processing for marketing activities also by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in marketing.
2. You may contact us via the details at the top of this Privacy Notice if you wish to action any of these additional rights and we will comply with your requests unless we have a lawful reason not to do so.
What we need from you to process your requests
1. We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
2. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
1. The website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
1. We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.
2. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your profile account information or contacting us via the contact details at the top of this Privacy Notice.
This Privacy Notice was updated on 24 May 2018.
Appendix – Glossary of Commonly Used Data Protection Terms