The following information provides a simple overview of what happens to your personal data when you visit our website at www.vidbrain.com.

In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular the UK`s Data Protection Act 2018 (“DPA”), the EU`s General Data Protection Regulation (“GDPR”), and only as described in this Privacy Policy.

What is Personal Data?

Personal data is all data that can be related to you personally, e.g., name, e-mail addresses, user behaviour. The personal data of users processed within the scope of our website includes inventory data (e.g., names, e-mail addresses and addresses), usage data (e.g., the websites visited on our website, interest in our products) and content data (e.g., information in the contact and booking form).

Responsible Party and Controller

Vidbrain
12 Constance St, London

E16 2DQ, UK

Web: www.vidbrain.com.

E-Mail: hello@vidbrain.com.

What data protection rights do I have?

Every data subject has

• the right to information according to Art. 15 GDPR,
• the right to rectification according to Art. 16 GDPR,
• the right to deletion according to Art. 17 GDPR,
• the right to restriction of processing pursuant to Art. 18 GDPR, and
• the right to data portability under Art. 20 GDPR.

Furthermore, you can revoke consent, in principle with effect for the future.

Furthermore, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The Information Commissioner`s Office (ICO) is the relevant authority in the UK. The ICO is located at Wycliffe House, Water Ln, Wilmslow SK9 5AF, UK (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO.

Finally, you also have a right to object according to Art. 21 GDPR. This applies, on grounds relating to data processing on the basis of our legitimate interest and also to profiling.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You may withdraw your consent and request us to stop using and/or disclosing your Personal Data for any or all of the Purposes by submitting your request to us in writing. Should you withdraw your consent to the collection, use or disclosure of your Personal Data, it may impact our ability to proceed with your transactions, agreements, or interactions with us. Prior to you exercising your choice to withdraw your consent, we will inform you of the consequences of the withdrawal of your consent. Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies) or undertaking any steps as we may be entitled to at law.

What sources and data do we use?

We process personal data that we receive from you in the course of our business relationship.

Relevant personal data are contact data (name, e-mail, telephone number and other contact data), as well as other data you share with us on a voluntary basis. In addition, this may also include contractual data, data about your use of our services offered as well as content data in messages and communications you send us.

What do we process your data for (purpose of processing) and on what legal basis?

We process personal data in accordance with the GDPR and the DPA:

• For the fulfilment of contractual obligations,
  • Personal data is processed for the purpose of providing the services,
  • The purposes of the data processing are primarily based on the services.

• Within the framework of our legitimate interests

Where necessary, we process your data beyond the actual performance of the contract in order to safeguard legitimate interests of us or third parties. Examples:

• Ensuring IT security and IT operations,
• Measures for business management and further development of services,
• Defence against third-party claims and enforcement of own claims.

• Based on your consent
  • Insofar as you have given us your consent to process personal data for certain purposes, passing on data to third parties, sending newsletters, advertising etc., this processing is lawful on the basis of your consent.
  • Consent given can be revoked at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

Automated Decision Making

Automated decision making within the meaning of the DPA and GDPR is not used at www.vidbrian.com.

Processing of special categories of data

No special categories of data are processed at www.vidbrian.com.

Contacting us

If you contact us per e-mail or social media, we process the following data from you for the purpose of processing and handling your enquiry: Name, contact details -if provided by you- and your message. The legal basis of the data processing is our obligation to fulfil the contract and/or to fulfil our pre-contractual obligations in accordance with Art. 6 (1) b) GDPR and/or our legitimate interest in processing your enquiry in accordance with Art. 6 (1) f) GDPR.

Account registration

On our website, we offer you the opportunity to register by providing personal data and non- personal data, in particular your Full name, country of residence, e-mail address and phone number. The data is entered in the registration form is transmitted to us and stored. Registration is necessary in order to set up your customer account, which you can use to buy and use our services. The processing of the data for this registration thus serves the fulfilment of the contract of use or the implementation of pre-contractual measures. You can delete your customer account at any time on our website either by using the delete function in your account or by contacting us.

Purchasing our Services

We collect, process, and use the information you provide in the context of your order for the purpose of executing the contract this may include personal data and non- personal data, in particular your name, billing address and e-mail address, as well as information on the type of payment method you have chosen. We store the information you provide for the period of processing and handling the purchased services. Afterwards, your data will be deleted. Data that we are required to store due to legal, statutory, or contractual retention obligations will be blocked instead of being deleted to prevent it being used for other purposes. The processing of the data serves the fulfilment of the contract with you.

Please note when using our files storage services, you become the data controller and we become the data processor in accordance with Art. 29 of the GDPR, for further information please refer to our Data Processing Addendum.

Payment transactions

We do not collect or store any payment transaction information such as credit card numbers or bank details during the payment process. You only provide this information directly to the respective payment service provider (currently Stripe and PayPal).

Access data and log files

We collect data on each access to the server on which our website is located (so-called server log files) on the basis of our legitimate interests. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the operating system you are using, referrer URL (previously visited page), IP address and the requesting provider. This is used to defend against third-party claims and to enforce our own claims.

Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the final clarification of the respective incident.

Cookies

Cookies are pieces of information that are transmitted from our web server or third-party web servers to the user’s web browser and stored there for later retrieval. Cookies may be small files or other types of information storage. There are different types of cookies:

• Essential Cookies

Essential cookies are cookies to provide a correct and user-friendly website. Some examples:

• Storing your language preferences;
• Detecting abuse or fraud;
• Storing browser settings to display the website according to the screen size.

• Non-essential Cookies

Non-essential Cookies are any cookies that do not fall within the definition of essential cookies, such as cookies used to analyse your behaviour on a website (‘analytical’ cookies) or cookies used to display advertisements to you (‘advertising’ cookies). These cookies are typical third-party cookies that website operators use to collect statistical data about how a website is used, including:

• Average page load time;
• Pages visited;
• Browser data;
• IP address;
• MAC address;
• Duration of a (page) visit;
• Data about the operating system;
• Data about the device used;
• Clicking behaviour and other interactions on one or more pages.

We have refrained from using cookies that are requiring your consent (non- essential cookies). For further information on the strictly necessary cookies used on my website, please contact us.

Is there an obligation for me to provide data?

Within the scope of our business relationship, you are only required to provide personal data that is necessary for the establishment, implementation, and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and may have to terminate it.

Data Security

We secure our website and other systems through appropriate technical and organisational measures against loss, destruction, access, modification, or distribution of your data by unauthorised persons. However, and despite regular checks, complete protection against all dangers is not possible.

Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal information over the Internet. You can tell whether encrypted transmission is taking place by the closed key/lock symbol in your browser display.

Passing on of data

Your personal data will only be passed on to third parties,

• if you have given your express consent to this;
• if the disclosure is necessary for the fulfilment of contractual obligations;
• if we are legally obligated to disclose the data;
• if the disclosure of the data is in the public interest;
• if the disclosure of the data is necessary for the protection of our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data override these interests.

Duration of storage of personal data

Your data will be stored by us for as long as it is needed for the respective purposes underlying the processing. Beyond that, we only store data insofar as we are legally obligated to do so, e.g., due to statutory retention obligations.

Marketing

Insofar as you have also given us your separate consent to process your data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.

Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out. 

Integration of third-party services and content

Within our website, we use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services (hereinafter uniformly referred to as “content”).

This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content.

We endeavour to only use content whose respective providers only use the IP address to deliver the content.

Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our website, as well as being linked to such information from other sources.

The following provides an overview of third-party providers and their content, together with links to their privacy policies, which contain further information on the processing of data and so-called opt-out measures, if any:

• Fonts: Google Font API by Google Inc
• Webhosting: Hostinger

Validity and questions

This privacy and cookie policy is valid as of Tuesday, 13 February 2024. It is the current and valid version of our privacy policy. However, we point out that from time to time due to actual or legal changes a revision to this privacy and cookie policy may be necessary.

If you have any data protection questions, please feel free to contact us using the details provided above.